-
CVE-2022-50102
- EPSS 0.04%
- Published 18.06.2025 11:02:38
- Last modified 18.06.2025 13:47:40
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug in: drivers/video/fbdev/arkfb.c:784: ark_set_pixclock(info, (hdiv * info->var.pixclock) / hmul); with hdiv=1, pixclock=1 and hmul=2 you end up with (1*1)/2 = (int) 0. and then in: drivers/video/fbdev/arkfb.c:504: rv = dac_set_freq(par->dac, 0, 1000000000 / pixclock); we'll get a division-by-zero. The following log can reveal it: divide error: 0000 [#1] PREEMPT SMP KASAN PTI RIP: 0010:ark_set_pixclock drivers/video/fbdev/arkfb.c:504 [inline] RIP: 0010:arkfb_set_par+0x10fc/0x24c0 drivers/video/fbdev/arkfb.c:784 Call Trace: fb_set_var+0x604/0xeb0 drivers/video/fbdev/core/fbmem.c:1034 do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110 fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189 Fix this by checking the argument of ark_set_pixclock() first.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
76b3f0a0b56e53a960a14624a0f48b3d94b5e7e7
Version
681e14730c73cc2c71af282c001de6bc71c22f00
Status
affected
Version <
b9a66f23612b84617e04412169e155a4b92f632d
Version
681e14730c73cc2c71af282c001de6bc71c22f00
Status
affected
Version <
a249e1b89ca25e1c34bdf96154e3f6224a91a9af
Version
681e14730c73cc2c71af282c001de6bc71c22f00
Status
affected
Version <
0288fa799e273b08839037499d704dc7bdc13e9a
Version
681e14730c73cc2c71af282c001de6bc71c22f00
Status
affected
Version <
236c1502520b7b08955467ec2e50b3232e34f1f9
Version
681e14730c73cc2c71af282c001de6bc71c22f00
Status
affected
Version <
9ebc5031958c1f3a2795e4533b4091d77c738d14
Version
681e14730c73cc2c71af282c001de6bc71c22f00
Status
affected
Version <
15661642511b2b192077684a89f42a8d95d54286
Version
681e14730c73cc2c71af282c001de6bc71c22f00
Status
affected
Version <
2f1c4523f7a3aaabe7e53d3ebd378292947e95c8
Version
681e14730c73cc2c71af282c001de6bc71c22f00
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
2.6.22
Status
affected
Version <
2.6.22
Version
0
Status
unaffected
Version <=
4.14.*
Version
4.14.291
Status
unaffected
Version <=
4.19.*
Version
4.19.256
Status
unaffected
Version <=
5.4.*
Version
5.4.211
Status
unaffected
Version <=
5.10.*
Version
5.10.137
Status
unaffected
Version <=
5.15.*
Version
5.15.61
Status
unaffected
Version <=
5.18.*
Version
5.18.18
Status
unaffected
Version <=
5.19.*
Version
5.19.2
Status
unaffected
Version <=
*
Version
6.0
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.094 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|