CVE-2022-50181

Summary

In the Linux kernel, the following vulnerability has been resolved:

virtio-gpu: fix a missing check to avoid NULL dereference

'cache_ent' could be set NULL inside virtio_gpu_cmd_get_capset() and it will lead to a NULL dereference by a lately use of it (i.e., ptr = cache_ent->caps_cache). Fix it with a NULL check.

[ kraxel: minor codestyle fixup ]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux62fb7a5e10962ac6ae2a2d2dbd3aedcb2a3e3257 < 259773fc874258606c0121767a4a27466ff337ebaffected
LinuxLinux62fb7a5e10962ac6ae2a2d2dbd3aedcb2a3e3257 < 39caef09666c1d8274abf9472c72bcac236dc5fbaffected
LinuxLinux62fb7a5e10962ac6ae2a2d2dbd3aedcb2a3e3257 < adbdd21983fa292e53aec3eab97306b2961ea887affected
LinuxLinux62fb7a5e10962ac6ae2a2d2dbd3aedcb2a3e3257 < 367882a5a9448b5e1ba756125308092d614cb96caffected
LinuxLinux62fb7a5e10962ac6ae2a2d2dbd3aedcb2a3e3257 < bd63f11f4c3c46afec07d821f74736161ff6e526affected
LinuxLinux4.4affected
LinuxLinux0 < 4.4unaffected
LinuxLinux5.10.137 <= 5.10.*unaffected
LinuxLinux5.15.61 <= 5.15.*unaffected
LinuxLinux5.18.18 <= 5.18.*unaffected
LinuxLinux5.19.2 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References