5.5
CVE-2022-48749
- EPSS 0.23%
- Veröffentlicht 20.06.2024 12:15:13
- Zuletzt bearbeitet 21.11.2024 07:33:55
- CVE-Watchlists
- Unerledigt
drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
In the Linux kernel, the following vulnerability has been resolved:
drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
The function performs a check on the "ctx" input parameter, however, it
is used before the check.
Initialize the "base" variable after the sanity check to avoid a
possible NULL pointer dereference.
Addresses-Coverity-ID: 1493866 ("Null pointer dereference")Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.8 < 5.10.96
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.19
Linux ≫ Linux Kernel Version >= 5.16 < 5.16.5
Linux ≫ Linux Kernel Version5.17 Updaterc1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.129 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/170b22234d5495f5e0844246e23f004639ee89ba
https://git.kernel.org/stable/c/1ebc18836d5df09061657f8c548e594cbb519476
https://git.kernel.org/stable/c/8f069f6dde518dfebe86e848508c07e497bd9298
https://git.kernel.org/stable/c/93a6e920d8ccb4df846c03b6e72f7e08843d294c