CVE-2022-49506

26.02.2025, 07:01

In the Linux kernel, the following vulnerability has been resolved:

drm/mediatek: Add vblank register/unregister callback functions

We encountered a kernel panic issue that callback data will be NULL when
it's using in ovl irq handler. There is a timing issue between
mtk_disp_ovl_irq_handler() and mtk_ovl_disable_vblank().

To resolve this issue, we use the flow to register/unregister vblank cb:
- Register callback function and callback data when crtc creates.
- Unregister callback function and callback data when crtc destroies.

With this solution, we can assure callback data will not be NULL when
vblank is disable.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 6%

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 not-affected
bullseye (security)	5.10.234-1 fixed
bookworm	6.1.123-1 fixed
bookworm (security)	6.1.128-1 fixed
trixie	6.12.12-1 fixed
sid	6.12.16-1 fixed

References

https://git.kernel.org/stable/c/3a4027b5971fe2a94e32754f007d9d3c12c68ad1

https://git.kernel.org/stable/c/8a265d9838bc3c63579002d55c2b2c655c4f8f26

https://git.kernel.org/stable/c/8a2dbdeccef6de47565638abdf3c25f41cdffc37

https://git.kernel.org/stable/c/b74d921b900b6ce38c6247c0a1c86be9f3746493