DEBIAN-CVE-2022-50412

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2022-50412

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50412.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-50412

Upstream

CVE-2022-50412

Published

2025-09-18T16:15:44Z

Modified

2025-09-19T15:31:09.989246Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: drm: bridge: adv7511: unregister cec i2c device after cec adapter cecunregisteradapter() assumes that the underlying adapter ops are callable. For example, if the CEC adapter currently has a valid physical address, then the unregistration procedure will invalidate the physical address by setting it to f.f.f.f. Whence the following kernel oops observed after removing the adv7511 module: Unable to handle kernel execution of user memory at virtual address 0000000000000000 Internal error: Oops: 86000004 [#1] PREEMPTRT SMP Call trace: 0x0 adv7511cecadaplogaddr+0x1ac/0x1c8 [adv7511] cecadapunconfigure+0x44/0x90 [cec] _cecsphysaddr.part.0+0x68/0x230 [cec] _cecsphysaddr+0x40/0x50 [cec] cecunregisteradapter+0xb4/0x118 [cec] adv7511remove+0x60/0x90 [adv7511] i2cdeviceremove+0x34/0xe0 devicereleasedriverinternal+0x114/0x1f0 driverdetach+0x54/0xe0 busremovedriver+0x60/0xd8 driverunregister+0x34/0x60 i2cdeldriver+0x2c/0x68 adv7511exit+0x1c/0x67c [adv7511] _arm64sysdeletemodule+0x154/0x288 invokesyscall+0x48/0x100 el0svccommon.constprop.0+0x48/0xe8 doel0svc+0x28/0x88 el0svc+0x1c/0x50 el0t64synchandler+0xa8/0xb0 el0t64sync+0x15c/0x160 Code: bad PC value ---[ end trace 0000000000000000 ]--- Protect against this scenario by unregistering i2ccec after unregistering the CEC adapter. Duly disable the CEC clock afterwards too.

References

https://security-tracker.debian.org/tracker/CVE-2022-50412

Affected packages

Debian:11 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.234-1

Affected versions

5.*

5.10.46-4

5.10.46-5

5.10.70-1~bpo10+1

5.10.70-1

5.10.84-1

5.10.92-1~bpo10+1

5.10.92-1

5.10.92-2

5.10.103-1~bpo10+1

5.10.103-1

5.10.106-1

5.10.113-1

5.10.120-1~bpo10+1

5.10.120-1

5.10.127-1

5.10.127-2~bpo10+1

5.10.127-2

5.10.136-1

5.10.140-1

5.10.148-1

5.10.149-1

5.10.149-2

5.10.158-1

5.10.158-2

5.10.162-1

5.10.178-1

5.10.178-2

5.10.178-3

5.10.179-1

5.10.179-2

5.10.179-3

5.10.179-4

5.10.179-5

5.10.191-1

5.10.197-1

5.10.205-1

5.10.205-2

5.10.209-1

5.10.209-2

5.10.216-1

5.10.218-1

5.10.221-1

5.10.223-1

5.10.226-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.0.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.0.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.0.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}