DEBIAN-CVE-2022-49218
- Source
- https://security-tracker.debian.org/tracker/DEBIAN-CVE-2022-49218
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-49218.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-49218
- Upstream
- Published
- 2025-02-26T07:00:58Z
- Modified
- 2025-09-19T06:26:07Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: drm/dp: Fix OOB read when handling Post Cursor2 register The linkstatus array was not large enough to read the Adjust Request Post Cursor2 register, so remove the common helper function to avoid an OOB read, found with a -Warray-bounds build: drivers/gpu/drm/drmdphelper.c: In function 'drmdpgetadjustrequestpostcursor': drivers/gpu/drm/drmdphelper.c:59:27: error: array subscript 10 is outside array bounds of 'const u8[6]' {aka 'const unsigned char[6]'} [-Werror=array-bounds] 59 | return linkstatus[r - DPLANE01STATUS]; | ~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~ drivers/gpu/drm/drmdphelper.c:147:51: note: while referencing 'linkstatus' 147 | u8 drmdpgetadjustrequestpostcursor(const u8 linkstatus[DPLINKSTATUSSIZE], | ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Replace the only user of the helper with an open-coded fetch and decode, similar to drivers/gpu/drm/amd/display/dc/core/dclinkdp.c.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source