DEBIAN-CVE-2022-50317
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-50317
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50317.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-50317
- Upstream
- Published
- 2025-09-15T15:15:43Z
- Modified
- 2025-09-19T07:33:07.799705Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: megachips: Fix a null pointer dereference bug When removing the module we will get the following warning: [ 31.911505] i2c-core: driver [stdp2690-ge-b850v3-fw] unregistered [ 31.912484] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI [ 31.913338] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 31.915280] RIP: 0010:drmbridgeremove+0x97/0x130 [ 31.921825] Call Trace: [ 31.922533] stdp4028geb850v3fwremove+0x34/0x60 [megachipsstdpxxxxgeb850v3fw] [ 31.923139] i2cdeviceremove+0x181/0x1f0 The two bridges (stdp2690, stdp4028) do not probe at the same time, so the driver does not call geb850v3resgiter() when probing, causing the driver to try to remove the object that has not been initialized. Fix this by checking whether both the bridges are probed.
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.158-1
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source