CVE-2022-48749

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc

The function performs a check on the "ctx" input parameter, however, it is used before the check.

Initialize the "base" variable after the sanity check to avoid a possible NULL pointer dereference.

Addresses-Coverity-ID: 1493866 ("Null pointer dereference")

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4259ff7ae509ed880b3a7bb685972c3a3bf4b74b < 93a6e920d8ccb4df846c03b6e72f7e08843d294caffected
LinuxLinux4259ff7ae509ed880b3a7bb685972c3a3bf4b74b < 8f069f6dde518dfebe86e848508c07e497bd9298affected
LinuxLinux4259ff7ae509ed880b3a7bb685972c3a3bf4b74b < 1ebc18836d5df09061657f8c548e594cbb519476affected
LinuxLinux4259ff7ae509ed880b3a7bb685972c3a3bf4b74b < 170b22234d5495f5e0844246e23f004639ee89baaffected
LinuxLinux5.8affected
LinuxLinux0 < 5.8unaffected
LinuxLinux5.10.96 <= 5.10.*unaffected
LinuxLinux5.15.19 <= 5.15.*unaffected
LinuxLinux5.16.5 <= 5.16.*unaffected
LinuxLinux5.17 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References