CVE-2022-49485

In the Linux kernel, the following vulnerability has been resolved:

drm/v3d: Fix null pointer dereference of pointer perfmon

In the unlikely event that pointer perfmon is null the WARN_ON return path
occurs after the pointer has already been deferenced. Fix this by only
dereferencing perfmon after it has been null checked.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
VendorProductVersion
linuxlinux_kernel
5.15 ≤
𝑥
< 5.15.46
linuxlinux_kernel
5.16 ≤
𝑥
< 5.17.14
linuxlinux_kernel
5.18 ≤
𝑥
< 5.18.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/1df8f8901babcc8c8eea2c067179e455b5c828fd
https://git.kernel.org/stable/c/3b72deb784a7d4ae8519a5c584cd87c4b57aa6c8
https://git.kernel.org/stable/c/4be045434923e549a50846a066a04b7b6c1d6d33
https://git.kernel.org/stable/c/ce7a1ecf3f9f1fccaf67295307614511d8e11b13