CVE-2022-48710

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/radeon: fix a possible null pointer dereference

In radeon_fp_native_mode(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd.

The failure status of drm_cvt_mode() on the other path is checked too.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux771fe6b912fca54f03e8a72eb63058b582775362 < b33f7d99c9226892c7794dc2500fae35966020c9affected
LinuxLinux771fe6b912fca54f03e8a72eb63058b582775362 < 16a0f0b63c4c7eb46fc4c3f00bf2836e6ee46a9faffected
LinuxLinux771fe6b912fca54f03e8a72eb63058b582775362 < 8a89bfeef9abe93371e3ea8796377f2d132eee29affected
LinuxLinux771fe6b912fca54f03e8a72eb63058b582775362 < 28fd384c78d7d8ed8af0d086d778c3e438ba7f60affected
LinuxLinux771fe6b912fca54f03e8a72eb63058b582775362 < fee8ae0a0bb66eb7730c22f44fbd7203f63c2eabaffected
LinuxLinux771fe6b912fca54f03e8a72eb63058b582775362 < 7b7fba107b2c4ec7673d0f45bdbb9d1af697d9b9affected
LinuxLinux771fe6b912fca54f03e8a72eb63058b582775362 < e938d24f0b7392e142b8aa434f18590d99dbe479affected
LinuxLinux771fe6b912fca54f03e8a72eb63058b582775362 < 140d9807b96e1303f6f2675a7ae8710a2094bd17affected
LinuxLinux771fe6b912fca54f03e8a72eb63058b582775362 < a2b28708b645c5632dc93669ab06e97874c8244faffected
LinuxLinux2.6.31affected
LinuxLinux0 < 2.6.31unaffected
LinuxLinux4.9.318 <= 4.9.*unaffected
LinuxLinux4.14.283 <= 4.14.*unaffected
LinuxLinux4.19.247 <= 4.19.*unaffected
LinuxLinux5.4.198 <= 5.4.*unaffected
LinuxLinux5.10.122 <= 5.10.*unaffected
LinuxLinux5.15.47 <= 5.15.*unaffected
LinuxLinux5.17.15 <= 5.17.*unaffected
LinuxLinux5.18.4 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References