Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-48749— drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc

EPSS 0.02% · P5
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-48749

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc The function performs a check on the "ctx" input parameter, however, it is used before the check. Initialize the "base" variable after the sanity check to avoid a possible NULL pointer dereference. Addresses-Coverity-ID: 1493866 ("Null pointer dereference")
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于 drm/msm/dpu 模块 dpu_setup_dspp_pcc 中参数检查存在错误。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 4259ff7ae509ed880b3a7bb685972c3a3bf4b74b ~ 93a6e920d8ccb4df846c03b6e72f7e08843d294c -
LinuxLinux 5.8 -

II. Public POCs for CVE-2022-48749

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-48749

登录查看更多情报信息。

Same Patch Batch · Linux · 2024-06-20 · 67 CVEs total

CVE-2022-48751net/smc: Transitional solution for clcsock race issue
CVE-2022-48770bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
CVE-2022-48768tracing/histogram: Fix a potential memory leak for kstrdup()
CVE-2022-48769efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
CVE-2022-48757net: fix information leakage in /proc/net/ptype
CVE-2022-48756drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
CVE-2022-48755powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06
CVE-2022-48754phylib: fix potential use-after-free
CVE-2022-48753block: fix memory leak in disk_register_independent_access_ranges
CVE-2022-48752powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending
CVE-2022-48758scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()
CVE-2022-48750hwmon: (nct6775) Fix crash in clear_caseopen
CVE-2022-48748net: bridge: vlan: fix memory leak in __allowed_ingress
CVE-2022-48747block: Fix wrong offset in bio_truncate()
CVE-2022-48745net/mlx5: Use del_timer_sync in fw reset flow of halting poll
CVE-2022-48746net/mlx5e: Fix handling of wrong devices during bond netevent
CVE-2022-48744net/mlx5e: Avoid field-overflowing memcpy()
CVE-2022-48743net: amd-xgbe: Fix skb data length underflow
CVE-2022-48742rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
CVE-2022-48741ovl: fix NULL pointer dereference in copy up warning

Showing top 20 of 67 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2022-48749

No comments yet

Leave a comment