CVE-2022-49491: drm/rockchip: vop: fix possible null-ptr-deref in vop_bind()
First published: Wed Feb 26 2025(Updated: )
In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() It will cause null-ptr-deref in resource_size(), if platform_get_resource() returns NULL, move calling resource_size() after devm_ioremap_resource() that will check 'res' to avoid null-ptr-deref.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| Linux Kernel | >=3.19<4.9.318 | |
| Linux Kernel | >=4.10<4.14.283 | |
| Linux Kernel | >=4.15<4.19.247 | |
| Linux Kernel | >=4.20<5.4.198 | |
| Linux Kernel | >=5.5<5.10.121 | |
| Linux Kernel | >=5.11<5.15.46 | |
| Linux Kernel | >=5.16<5.17.14 | |
| Linux Kernel | >=5.18<5.18.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/452922955df215a417c80d09dab72bbc667a1861
- https://git.kernel.org/stable/c/fcd6a886443730c39170b8383411e52118aec0a3
- https://git.kernel.org/stable/c/6ff986e057bf28e2f7690dad410768b2270f9453
- https://git.kernel.org/stable/c/a9b4599665e437de8a1152799c34841b799a2e1c
- https://git.kernel.org/stable/c/3451852312303d54a003c73bd0ae39cebb960bd5
- https://git.kernel.org/stable/c/b54926bd558d97c888c3d2d87886f3c159d3254a
- https://git.kernel.org/stable/c/769c53bb6116d0eaec0f1fe4ec4b27a74465cad1
- https://git.kernel.org/stable/c/ecfa52654d0c9c333c1fe1611f47105f6bce9591
- https://git.kernel.org/stable/c/f8c242908ad15bbd604d3bcb54961b7d454c43f8
Frequently Asked Questions
What is the severity of CVE-2022-49491?
CVE-2022-49491 is classified as a medium severity vulnerability affecting the Linux kernel.
How do I fix CVE-2022-49491?
To fix CVE-2022-49491, upgrade to a patched version of the Linux kernel that addresses this vulnerability.
Which versions of the Linux kernel are affected by CVE-2022-49491?
CVE-2022-49491 affects multiple versions of the Linux kernel, specifically those ranging from 3.19 to 5.18.3.
What impact does CVE-2022-49491 have on system security?
CVE-2022-49491 may lead to a null pointer dereference, potentially causing application crashes or unexpected behavior in the affected systems.
Is CVE-2022-49491 actively exploited in the wild?
As of now, there is no public information indicating that CVE-2022-49491 is actively exploited in the wild.
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/type
- agent/title
- agent/references
- agent/author
- agent/source
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- collector/nvd-api
- source/NVD
- agent/remedy
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/linux
- canonical/linux kernel
- version/linux kernel/3.19
- version/linux kernel/4.10
- version/linux kernel/4.15
- version/linux kernel/4.20
- version/linux kernel/5.5
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/5.18