SB2025102355 - NULL pointer dereference in Linux kernel gpu drm driver
Published: October 23, 2025 Updated: October 26, 2025
Security Bulletin ID
SB2025102355
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2022-50556)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drm_mode_config_init_release() and drmm_mode_config_init() functions in drivers/gpu/drm/drm_mode_config.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/5ae70041a6d7de62a0cdb2bbcfe0c9cf753035d0
- https://git.kernel.org/stable/c/834c23e4f798dcdc8af251b3c428ceef94741991
- https://git.kernel.org/stable/c/961620ad67611a7320a49f4b6f3c5e2906833a03
- https://git.kernel.org/stable/c/b14147464251f66e38fa39f0aae9780466db8610
- https://git.kernel.org/stable/c/d06e827a65a6bcd2e329045d891d0739cec1cf4a
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.99