SB20251230234 - NULL pointer dereference in Linux kernel gpu drm driver

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2022-50884)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the drm_copy_field() function in drivers/gpu/drm/drm_ioctl.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/2d6708ea5c2033ff53267feff1876a717689989f
• https://git.kernel.org/stable/c/6cf5e9356b2d856403ee480f987f3ea64dbf8d8c
• https://git.kernel.org/stable/c/8052612b9d08048ebbebcb572894670b4ac07d2f
• https://git.kernel.org/stable/c/c28a8082b25ce4ec94999e10a30c50d20bd44a25
• https://git.kernel.org/stable/c/ca163e389f0ae096a4e1e19f0a95e60ed80b4e31
• https://git.kernel.org/stable/c/cdde55f97298e5bb9af6d41c9303a3ec545a370e
• https://git.kernel.org/stable/c/d213914386a0ede76a4549b41de30192fb92c595
• https://git.kernel.org/stable/c/ee9885cd936aad88f84d0cf90bf9a70e83e42a97
• https://git.kernel.org/stable/c/f6ee30407e883042482ad4ad30da5eaba47872ee
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.296
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.262
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.331
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.150
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.75
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.17
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.220
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.3
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1