5.5
CVE-2022-48756
- EPSS 0.21%
- Veröffentlicht 20.06.2024 12:15:13
- Zuletzt bearbeitet 21.11.2024 07:33:56
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
In the Linux kernel, the following vulnerability has been resolved:
drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
The function performs a check on the "phy" input parameter, however, it
is used before the check.
Initialize the "dev" variable after the sanity check to avoid a possible
NULL pointer dereference.
Addresses-Coverity-ID: 1493860 ("Null pointer dereference")Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.3 < 4.14.265
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.228
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.176
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.96
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.19
Linux ≫ Linux Kernel Version >= 5.16 < 5.16.5
Linux ≫ Linux Kernel Version5.17 Updaterc1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.111 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951
https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7
https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100
https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c
https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe
https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5
https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd