7.8

CVE-2022-50437

drm/msm/hdmi: fix memory corruption with too many bridges

In the Linux kernel, the following vulnerability has been resolved:

drm/msm/hdmi: fix memory corruption with too many bridges

Add the missing sanity check on the bridge counter to avoid corrupting
data beyond the fixed-sized bridge array in case there are ever more
than eight bridges.

Patchwork: https://patchwork.freedesktop.org/patch/502670/
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.12 < 4.9.332
LinuxLinux Kernel Version >= 4.10 < 4.14.298
LinuxLinux Kernel Version >= 4.15 < 4.19.264
LinuxLinux Kernel Version >= 4.20 < 5.4.223
LinuxLinux Kernel Version >= 5.5 < 5.10.153
LinuxLinux Kernel Version >= 5.11 < 5.15.77
LinuxLinux Kernel Version >= 5.16 < 6.0.7
LinuxLinux Kernel Version6.1 Updaterc1
LinuxLinux Kernel Version6.1 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.049
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/08c7375fa27a8ceee028868e03ffb3a0db919d44
Patch
https://git.kernel.org/stable/c/3c43f3ec731c233eb84b66199ee76dbf3ec6ecae
Patch
https://git.kernel.org/stable/c/4c1294da6aed1f16d47a417dcfe6602833c3c95c
Patch
https://git.kernel.org/stable/c/9efb45b45ff6254bfd1f1997a06725cb3fc998a5
Patch
https://git.kernel.org/stable/c/a9c1a6991a9b5aa6d0f2cbc9b8c3bf6c4d094dfa
Patch
https://git.kernel.org/stable/c/b48949ab451eaf1e2c04c272c8a9a96a2b56546f
Patch
https://git.kernel.org/stable/c/e8f916b84e4b028ecad6c6472eaad543cc7df806
Patch
https://git.kernel.org/stable/c/ed7f1ff87a4afea1bc220d2ff00a7ce8e61f0b53
Patch