CVE-2022-49490

MEDIUM EPSS 15.9%
Published Feb 26, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected mdp5_get_global_state runs the risk of hitting a -EDEADLK when acquiring the modeset lock, but currently mdp5_pipe_release doesn't check for if an error is returned. Because of this, there is a possibility of mdp5_pipe_release hitting a NULL dereference error. To avoid this, let's have mdp5_pipe_release check if mdp5_get_global_state returns an error and propogate that error. Changes since v1: - Separated declaration and initialization of *new_state to avoid compiler warning - Fixed some spelling mistakes in commit message Changes since v2: - Return 0 in case where hwpipe is NULL as this is considered normal behavior - Added 2nd patch in series to fix a similar NULL dereference issue in mdp5_mixer_release Patchwork: https://patchwork.freedesktop.org/patch/485179/

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
15.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥4.18  –  <4.19.247
linuxlinux_kernel*≥4.20  –  <5.4.198
linuxlinux_kernel*≥5.5  –  <5.10.121
linuxlinux_kernel*≥5.11  –  <5.15.46
linuxlinux_kernel*≥5.16  –  <5.17.14
linuxlinux_kernel*≥5.18  –  <5.18.3

References 7

  • git.kernel.org https://git.kernel.org/stable/c/04bef5f1ba8ea6d7c1c8f5f65e0395c62db59cb8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/19964dfb39bda4d7716a71009488f0668ecbcf52
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/33dc5aac46e0fad8f5eb193e5906ed0eb6b66ceb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/49dc28b4b2e28ef7564e355c91487996c1cbebd7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/776f5c58bfe16cf322d71eeed3c5dda1eeac7e6b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b2aa2c4efe93e2580d6a8774b04fe2b99756a322
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d59be579fa932c46b908f37509f319cbd4ca9a68
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/04bef5f1ba8ea6d7c1c8f5f65e0395c62db59cb8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/19964dfb39bda4d7716a71009488f0668ecbcf52
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/33dc5aac46e0fad8f5eb193e5906ed0eb6b66ceb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/49dc28b4b2e28ef7564e355c91487996c1cbebd7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/776f5c58bfe16cf322d71eeed3c5dda1eeac7e6b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b2aa2c4efe93e2580d6a8774b04fe2b99756a322
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d59be579fa932c46b908f37509f319cbd4ca9a68
    Patch