CVE-2022-49232

drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes()

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

MITRE
PS

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() In amdgpu_dm_connector_add_common_modes(), amdgpu_dm_create_common_mode()
is assigned to mode and is passed to drm_mode_probed_add() directly after
that. drm_mode_probed_add() passes &mode->head to list_add_tail(), and
there is a dereference of it in list_add_tail() without recoveries, which
could lead to NULL pointer dereference on failure of
amdgpu_dm_create_common_mode(). Fix this by adding a NULL check of mode. This bug was found by a static analyzer. Builds with 'make allyesconfig' show no new warnings,
and our static analyzer no longer warns about this code.

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-02-26 CVE Reserved
2025-02-26 CVE Published
2025-05-04 CVE Updated
2025-06-28 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
https://git.kernel.org/stable/c/e7b07ceef2a650e5ed8ca37997689e086c680daf	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/2c729dec8c1e3e2892fde5ce8181553860914e74	2022-04-15
https://git.kernel.org/stable/c/57f4ad5e286fe4599c8fc63cf89f85f9eec7f9c9	2022-04-15
https://git.kernel.org/stable/c/19a7eba284790cfbba2945deb2363cf03ce41648	2022-04-08
https://git.kernel.org/stable/c/bdc7429708a0772d90c208975694f7c2133b1202	2022-04-08
https://git.kernel.org/stable/c/f4eaa999fec78dec2a9c2d797438e05cbffb125b	2022-04-08
https://git.kernel.org/stable/c/639b3b9def0a6a3f316a195d705d14113236e89c	2022-04-08
https://git.kernel.org/stable/c/588a70177df3b1777484267584ef38ab2ca899a2	2022-01-25

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 4.19.238 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 4.19.238"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.4.189 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.4.189"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.10.110 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.10.110"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.15.33 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.15.33"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.16.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.16.19"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.17.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.17.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.15 < 5.18 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.15 < 5.18"		en		Affected