CVE-2022-49495: drm/msm/hdmi: check return value after calling platform_get_resource_byname()
First published: Wed Feb 26 2025(Updated: )
In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value. Patchwork: https://patchwork.freedesktop.org/patch/482992/
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| Linux Kernel | >=4.3<4.9.318 | |
| Linux Kernel | >=4.10<4.14.283 | |
| Linux Kernel | >=4.15<4.19.247 | |
| Linux Kernel | >=4.20<5.4.198 | |
| Linux Kernel | >=5.5<5.10.121 | |
| Linux Kernel | >=5.11<5.15.46 | |
| Linux Kernel | >=5.16<5.17.14 | |
| Linux Kernel | >=5.18<5.18.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/9cb1ee33efccb8b107ee04b7b3441820de3fd2da
- https://git.kernel.org/stable/c/c1bfacf0daf25a5fc7d667399d6ff2dffda84cd8
- https://git.kernel.org/stable/c/0978fcce91b90b561b8c82e7c492ba9fc8440eef
- https://git.kernel.org/stable/c/2b3ed7547b1a052209da6c4ab886ffe0eed88c42
- https://git.kernel.org/stable/c/d9cb951d11a4ace4de5c50b1178ad211de17079e
- https://git.kernel.org/stable/c/4cd66a8016b872a153bf892fe4258cbc0dacf5b1
- https://git.kernel.org/stable/c/6369dda4a2209142ab819f01d3d2076d81e3ebdd
- https://git.kernel.org/stable/c/9f5495a5c51c1d11c6ffc13aa2befffec0c2651a
- https://git.kernel.org/stable/c/a36e506711548df923ceb7ec9f6001375be799a5
Frequently Asked Questions
What is the severity of CVE-2022-49495?
CVE-2022-49495 is rated as a moderate severity vulnerability due to its potential to cause null pointer dereference in the Linux kernel.
How do I fix CVE-2022-49495?
To fix CVE-2022-49495, you need to apply the latest patches provided by the Linux kernel maintainers.
Which versions of the Linux kernel are affected by CVE-2022-49495?
CVE-2022-49495 affects several versions of the Linux kernel from 4.3 to 5.18.3, depending on specific releases.
What impact does CVE-2022-49495 have on system security?
CVE-2022-49495 can lead to system instability or crashes by causing a null pointer dereference.
Is there a workaround for CVE-2022-49495 if I cannot apply the patch immediately?
There are no known effective workarounds for CVE-2022-49495, so updating to a patched version is recommended.
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/type
- agent/title
- agent/references
- agent/author
- agent/source
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- collector/nvd-api
- source/NVD
- agent/remedy
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/linux
- canonical/linux kernel
- version/linux kernel/4.3
- version/linux kernel/4.10
- version/linux kernel/4.15
- version/linux kernel/4.20
- version/linux kernel/5.5
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/5.18