CVE-2022-49827
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49827
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49827.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49827
- Downstream
- Related
- Published
- 2025-05-01T14:09:46.805Z
- Modified
- 2025-11-28T02:35:49.547033Z
- Summary
- drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
drm: Fix potential null-ptr-deref in drmvblankdestroy_worker()
drmvblankinit() call drmmaddactionorreset() with drmvblankinitrelease() as action. If _drmmaddaction() failed, will directly call drmvblankinitrelease() with the vblank whose worker is NULL. As the resule, a null-ptr-deref will happen in kthreaddestroyworker(). Add the NULL check before calling drmvblankdestroyworker().
BUG: null-ptr-deref KASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f] CPU: 5 PID: 961 Comm: modprobe Not tainted 6.0.0-11331-gd465bff130bf-dirty RIP: 0010:kthreaddestroyworker+0x25/0xb0 Call Trace: <TASK> drmvblankinitrelease+0x124/0x220 [drm] ? drmcrtcvblankrestore+0x8b0/0x8b0 [drm] _drmmaddactionorreset+0x41/0x50 [drm] drmvblankinit+0x282/0x310 [drm] vkmsinit+0x35f/0x1000 [vkms] ? 0xffffffffc4508000 ? lockisheldtype+0xd7/0x130 ? _kmemcacheallocnode+0x1c2/0x2b0 ? lockisheldtype+0xd7/0x130 ? 0xffffffffc4508000 dooneinitcall+0xd0/0x4f0 ... dosyscall64+0x35/0x80 entrySYSCALL64afterhwframe+0x46/0xb0
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49827.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/1d160dfb3fdf11ba9447e862c548447f91f4e74a
- https://git.kernel.org/stable/c/3acd2016421b2e628acad65495d15493bf7a3bc3
- https://git.kernel.org/stable/c/4979524f5a2a8210e87fde2f642b0dc060860821
- https://git.kernel.org/stable/c/e884a6c2d49a6c12761e5bed851e9fe93bd923a1
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49827.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49827
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced5e6c2b4f916157e8f10d093d43e88b2a250d1774Fixed1d160dfb3fdf11ba9447e862c548447f91f4e74aFixede884a6c2d49a6c12761e5bed851e9fe93bd923a1Fixed3acd2016421b2e628acad65495d15493bf7a3bc3Fixed4979524f5a2a8210e87fde2f642b0dc060860821