CVE-2022-49532

Source
https://cve.org/CVERecord?id=CVE-2022-49532
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49532.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49532
Published
2025-02-26T02:13:52.013Z
Modified
2026-04-11T12:44:11.805362Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes

drm_cvt_mode may return NULL and we should check it.

This bug is found by syzkaller:

FAULT_INJECTION stacktrace:
[ 168.567394] FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 1
[ 168.567403] CPU: 1 PID: 6425 Comm: syz Kdump: loaded Not tainted 4.19.90-vhulk2201.1.0.h1035.kasan.eulerosv2r10.aarch64 #1
[ 168.567406] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015
[ 168.567408] Call trace:
[ 168.567414] dump_backtrace+0x0/0x310
[ 168.567418] show_stack+0x28/0x38
[ 168.567423] dump_stack+0xec/0x15c
[ 168.567427] should_fail+0x3ac/0x3d0
[ 168.567437] __should_failslab+0xb8/0x120
[ 168.567441] should_failslab+0x28/0xc0
[ 168.567445] kmem_cache_alloc_trace+0x50/0x640
[ 168.567454] drm_mode_create+0x40/0x90
[ 168.567458] drm_cvt_mode+0x48/0xc78
[ 168.567477] virtio_gpu_conn_get_modes+0xa8/0x140 [virtio_gpu]
[ 168.567485] drm_helper_probe_single_connector_modes+0x3a4/0xd80
[ 168.567492] drm_mode_getconnector+0x2e0/0xa70
[ 168.567496] drm_ioctl_kernel+0x11c/0x1d8
[ 168.567514] drm_ioctl+0x558/0x6d0
[ 168.567522] do_vfs_ioctl+0x160/0xf30
[ 168.567525] ksys_ioctl+0x98/0xd8
[ 168.567530] __arm64_sys_ioctl+0x50/0xc8
[ 168.567536] el0_svc_common+0xc8/0x320
[ 168.567540] el0_svc_handler+0xf8/0x160
[ 168.567544] el0_svc+0x10/0x218

KASAN stacktrace:
[ 168.567561] BUG: KASAN: null-ptr-deref in virtio_gpu_conn_get_modes+0xb4/0x140 [virtio_gpu]
[ 168.567565] Read of size 4 at addr 0000000000000054 by task syz/6425
[ 168.567566]
[ 168.567571] CPU: 1 PID: 6425 Comm: syz Kdump: loaded Not tainted 4.19.90-vhulk2201.1.0.h1035.kasan.eulerosv2r10.aarch64 #1
[ 168.567573] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015
[ 168.567575] Call trace:
[ 168.567578] dump_backtrace+0x0/0x310
[ 168.567582] show_stack+0x28/0x38
[ 168.567586] dump_stack+0xec/0x15c
[ 168.567591] kasan_report+0x244/0x2f0
[ 168.567594] __asan_load4+0x58/0xb0
[ 168.567607] virtio_gpu_conn_get_modes+0xb4/0x140 [virtio_gpu]
[ 168.567612] drm_helper_probe_single_connector_modes+0x3a4/0xd80
[ 168.567617] drm_mode_getconnector+0x2e0/0xa70
[ 168.567621] drm_ioctl_kernel+0x11c/0x1d8
[ 168.567624] drm_ioctl+0x558/0x6d0
[ 168.567628] do_vfs_ioctl+0x160/0xf30
[ 168.567632] ksys_ioctl+0x98/0xd8
[ 168.567636] __arm64_sys_ioctl+0x50/0xc8
[ 168.567641] el0_svc_common+0xc8/0x320
[ 168.567645] el0_svc_handler+0xf8/0x160
[ 168.567649] el0_svc+0x10/0x218

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49532.json",
    "cna_assigner": "Linux"
}
Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
dc5698e80cf724770283e10414054662bdf6ccfa
Fixed
e0828456578cc8ba0a69147f7ae3428392eec287
Fixed
848dd072744ea662ab3097e3c8282bee552df218
Fixed
edafcad84c4134ebec4bc24b29ca4497a1184eea
Fixed
f85cb059fad03a3b33a50023be91e944bb065ae8
Fixed
fadc626cae99aaa1325094edc6a9e2b883f3e562
Fixed
32e10aabc287f09a148ff759bb9ce70b01b0012c
Fixed
c51d00472fa54b9b05c17789ed665c17adf3a25d
Fixed
0f8bc147a963686b7351aa35d1701124ffacac08
Fixed
194d250cdc4a40ccbd179afd522a9e9846957402

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49532.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.2.0
Fixed
4.9.318
Type
ECOSYSTEM
Events
Introduced
4.10.0
Fixed
4.14.283
Type
ECOSYSTEM
Events
Introduced
4.15.0
Fixed
4.19.247
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.198
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.121
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.46
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.17.14
Type
ECOSYSTEM
Events
Introduced
5.18.0
Fixed
5.18.3

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49532.json"