CVE-2022-48718

In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer which drm_atomic_get_new_bridge_state is allowed to return. Assume a fixed format instead.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/622c9a3a7868e1eeca39c55305ca3ebec4742b64	Patch
https://git.kernel.org/stable/c/6f9267e01cca749137349d8ffb0d0ebbadf567f4	Patch
https://git.kernel.org/stable/c/86a337bb803040e4401b87c974a7fb92efe3d0e1	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc1::::::
	cpe:2.3:o:linux:linux_kernel:5.17:rc2::::::

History

18 Sep 2024, 16:59

Type	Values Removed	Values Added
First Time		Linux Linux linux Kernel
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/622c9a3a7868e1eeca39c55305ca3ebec4742b64 -~~	() https://git.kernel.org/stable/c/622c9a3a7868e1eeca39c55305ca3ebec4742b64 - Patch
References	~~() https://git.kernel.org/stable/c/6f9267e01cca749137349d8ffb0d0ebbadf567f4 -~~	() https://git.kernel.org/stable/c/6f9267e01cca749137349d8ffb0d0ebbadf567f4 - Patch
References	~~() https://git.kernel.org/stable/c/86a337bb803040e4401b87c974a7fb92efe3d0e1 -~~	() https://git.kernel.org/stable/c/86a337bb803040e4401b87c974a7fb92efe3d0e1 - Patch
CPE		cpe:2.3:o:linux:linux_kernel:5.17:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.17:rc1:::::: cpe:2.3:o:linux:linux_kernel::::::::
CWE		CWE-476

20 Jun 2024, 12:43

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm: mxsfb: corrige la desreferencia del puntero NULL. mxsfb nunca debería desreferenciar el puntero NULL que drm_atomic_get_new_bridge_state puede devolver. En su lugar, asuma un formato fijo.

20 Jun 2024, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-20 11:15

Updated : 2024-09-18 16:59

NVD link : CVE-2022-48718

Mitre link : CVE-2022-48718

CVE.ORG link : CVE-2022-48718

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

5.5 /10