CVE-2022-49489

In the Linux kernel, the following vulnerability has been resolved:

drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume

BUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3

Call trace:
  dpu_vbif_init_memtypes+0x40/0xb8
  dpu_runtime_resume+0xcc/0x1c0
  pm_generic_runtime_resume+0x30/0x44
  __genpd_runtime_resume+0x68/0x7c
  genpd_runtime_resume+0x134/0x258
  __rpm_callback+0x98/0x138
  rpm_callback+0x30/0x88
  rpm_resume+0x36c/0x49c
  __pm_runtime_resume+0x80/0xb0
  dpu_core_irq_uninstall+0x30/0xb0
  dpu_irq_uninstall+0x18/0x24
  msm_drm_uninit+0xd8/0x16c

Patchwork: https://patchwork.freedesktop.org/patch/483255/
[DB: fixed Fixes tag]
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
LinuxCNA
---
---
CISA-ADPADP
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 4%
VendorProductVersion
linuxlinux_kernel
4.19 ≤
𝑥
< 4.19.247
linuxlinux_kernel
4.20 ≤
𝑥
< 5.4.198
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.121
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.46
linuxlinux_kernel
5.16 ≤
𝑥
< 5.17.14
linuxlinux_kernel
5.18 ≤
𝑥
< 5.18.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/134760263f6441741db0b2970e7face6b34b6d1c
https://git.kernel.org/stable/c/5b0adf5cbf3b74721e4e4c4e0cadc91b8df8bcc2
https://git.kernel.org/stable/c/97ac682b6f7d36be5d934f86c9911066540a68f1
https://git.kernel.org/stable/c/aa4cb188988dc6f1b3f4917d4dbc452150a5d871
https://git.kernel.org/stable/c/ef10d0c68e8608848cd58fca2589685718426607
https://git.kernel.org/stable/c/ef4bdaac7cb5416f236613ed9337ff0ea8ee329b
https://git.kernel.org/stable/c/fa5186b279ecf44b14fb435540d2065be91cb1ed