5.5

CVE-2022-49232

drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes()

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes()

In amdgpu_dm_connector_add_common_modes(), amdgpu_dm_create_common_mode()
is assigned to mode and is passed to drm_mode_probed_add() directly after
that. drm_mode_probed_add() passes &mode->head to list_add_tail(), and
there is a dereference of it in list_add_tail() without recoveries, which
could lead to NULL pointer dereference on failure of
amdgpu_dm_create_common_mode().

Fix this by adding a NULL check of mode.

This bug was found by a static analyzer.

Builds with 'make allyesconfig' show no new warnings,
and our static analyzer no longer warns about this code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.15 < 4.19.238
LinuxLinux Kernel Version >= 4.20 < 5.4.189
LinuxLinux Kernel Version >= 5.5 < 5.10.110
LinuxLinux Kernel Version >= 5.11 < 5.15.33
LinuxLinux Kernel Version >= 5.16 < 5.16.19
LinuxLinux Kernel Version >= 5.17 < 5.17.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.166
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/19a7eba284790cfbba2945deb2363cf03ce41648
Patch
https://git.kernel.org/stable/c/2c729dec8c1e3e2892fde5ce8181553860914e74
Patch
https://git.kernel.org/stable/c/57f4ad5e286fe4599c8fc63cf89f85f9eec7f9c9
Patch
https://git.kernel.org/stable/c/588a70177df3b1777484267584ef38ab2ca899a2
Patch
https://git.kernel.org/stable/c/639b3b9def0a6a3f316a195d705d14113236e89c
Patch
https://git.kernel.org/stable/c/bdc7429708a0772d90c208975694f7c2133b1202
Patch
https://git.kernel.org/stable/c/f4eaa999fec78dec2a9c2d797438e05cbffb125b
Patch