CVE-2022-48756

MEDIUM

Linux Kernel 4.3-5.16.5 - Null Pointer Dereference in msm_dsi_phy_enable

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable The function performs a check on the "phy" input parameter, however, it is used before the check. Initialize the "dev" variable after the sanity check to avoid a possible NULL pointer dereference. Addresses-Coverity-ID: 1493860 ("Null pointer dereference")

References (7)

Core 7

Core References

Patch

https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe

Patch

https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd

Patch

https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100

Patch

https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5

Patch

https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7

Patch

https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951

Patch

https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c

Scores

CVSS v3 5.5

EPSS 0.0021

EPSS Percentile 11.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-476

Status published

Products (24)

linux/Kernel 4.15.0 - 4.19.228linux

linux/Kernel 4.20.0 - 5.4.176linux

linux/Kernel 4.3.0 - 4.14.265linux

linux/Kernel 5.11.0 - 5.15.19linux

linux/Kernel 5.16.0 - 5.16.5linux

linux/Kernel 5.5.0 - 5.10.96linux

Linux/Linux < 4.3

Linux/Linux 4.14.265 - 4.14.*

Linux/Linux 4.19.228 - 4.19.*

Linux/Linux 4.3

... and 14 more

Published Jun 20, 2024

Tracked Since Feb 18, 2026