CVE-2022-48703: thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR
In the Linux kernel, the following vulnerability has been resolved:
thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR
In some case, the GDDV returns a package with a buffer which has
zero length. It causes that kmemdup() returns ZERO_SIZE_PTR (0x10).
Then the data_vault_read() got NULL point dereference problem when
accessing the 0x10 value in data_vault.
[ 71.024560] BUG: kernel NULL pointer dereference, address:
0000000000000010
This patch uses ZERO_OR_NULL_PTR() for checking ZERO_SIZE_PTR or
NULL value in data_vault.
Security readout for executives and security teams
Plain-English summary
This is a Linux kernel reliability flaw in the int340x thermal driver path. When firmware data includes a zero-length buffer, the kernel can mishandle a special pointer value and trigger a NULL pointer dereference. The public record does not provide CVSS, confirmed exploitation, or business impact beyond the kernel fault.
Executive priority
Treat this as a routine kernel maintenance item unless vendor advisories raise severity for your environment. There is no supplied evidence of active exploitation, but kernel crash bugs can still affect availability on exposed hardware and should be folded into normal Linux patch cycles.
Technical view
The issue occurs when GDDV returns a package containing a zero-length buffer. kmemdup() can return ZERO_SIZE_PTR, but data_vault_read() later treats that value unsafely. The upstream fix checks data_vault with ZERO_OR_NULL_PTR() so both NULL and ZERO_SIZE_PTR are handled before access.
Likely exposure
Exposure appears limited to Linux systems running affected kernel versions and exercising the thermal/int340x_thermal data_vault path. The bundle lists Linux 5.8, 5.10.258, 5.15.189, 5.19.9, and 6.0 as affected-version entries, but exact distribution package status must be verified with vendor advisories.
Exploitation context
No active exploitation is supported by the supplied sources, and the CVE is not listed as KEV. The provided description shows a kernel NULL pointer dereference at address 0x10, suggesting a crash or denial-of-service style impact, but no exploitability details are provided.
Researcher notes
The source evidence is narrow: a resolved Linux kernel NULL pointer dereference involving ZERO_SIZE_PTR from kmemdup() after a zero-length GDDV buffer. The record lacks CVSS, CWE, attack vector, privileges required, and distribution-specific fixed versions, so validation should rely on kernel source or vendor backports.
Mitigation direction
Check your Linux distribution advisory for CVE-2022-48703 package status.
Update to a kernel build containing the referenced upstream stable fix.
Prioritize systems using affected Linux kernel versions and the int340x thermal driver path.
Track vendor guidance if exact kernel backport status is unclear.
Validation and detection
Inventory running kernel versions across Linux fleets.
Check whether vendor kernel changelogs reference CVE-2022-48703 or the stable commits.
Review kernel logs for related NULL pointer dereferences in int340x_thermal paths.
Confirm patched systems include ZERO_OR_NULL_PTR handling for data_vault.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cve · low confidence lookup
CVE-2022-48703 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.