CVE-2022-48749

MEDIUM

Linux Kernel 5.8-5.10.96 5.11-5.15.19 5.16-5.16.5 - Null Pointer Dereference in dpu_setup_dspp_pcc

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc The function performs a check on the "ctx" input parameter, however, it is used before the check. Initialize the "base" variable after the sanity check to avoid a possible NULL pointer dereference. Addresses-Coverity-ID: 1493866 ("Null pointer dereference")

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/93a6e920d8ccb4df846c03b6e72f7e08843d294c

Patch

https://git.kernel.org/stable/c/8f069f6dde518dfebe86e848508c07e497bd9298

Patch

https://git.kernel.org/stable/c/1ebc18836d5df09061657f8c548e594cbb519476

Patch

https://git.kernel.org/stable/c/170b22234d5495f5e0844246e23f004639ee89ba

Scores

CVSS v3 5.5

EPSS 0.0022

EPSS Percentile 13.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (15)

linux/Kernel 5.11.0 - 5.15.19linux

linux/Kernel 5.16.0 - 5.16.5linux

linux/Kernel 5.8.0 - 5.10.96linux

Linux/Linux < 5.8

Linux/Linux 4259ff7ae509ed880b3a7bb685972c3a3bf4b74b - 170b22234d5495f5e0844246e23f004639ee89ba

Linux/Linux 4259ff7ae509ed880b3a7bb685972c3a3bf4b74b - 1ebc18836d5df09061657f8c548e594cbb519476

Linux/Linux 4259ff7ae509ed880b3a7bb685972c3a3bf4b74b - 8f069f6dde518dfebe86e848508c07e497bd9298

Linux/Linux 4259ff7ae509ed880b3a7bb685972c3a3bf4b74b - 93a6e920d8ccb4df846c03b6e72f7e08843d294c

Linux/Linux 5.10.96 - 5.10.*

Linux/Linux 5.15.19 - 5.15.*

... and 5 more

Published Jun 20, 2024

Tracked Since Feb 18, 2026