cve-2022-48756
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-09-11 17:34
Severity ?
Summary
drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775cPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbePatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fdPatch
Impacted products
LinuxLinux
LinuxLinux
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:25:00.449Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48756",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:10:19.274762Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:47.609Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/dsi/phy/dsi_phy.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6d9f8ba28f37",
              "status": "affected",
              "version": "5c8290284402",
              "versionType": "git"
            },
            {
              "lessThan": "ca63eeb70fcb",
              "status": "affected",
              "version": "5c8290284402",
              "versionType": "git"
            },
            {
              "lessThan": "581317b1f001",
              "status": "affected",
              "version": "5c8290284402",
              "versionType": "git"
            },
            {
              "lessThan": "79c0b5287ded",
              "status": "affected",
              "version": "5c8290284402",
              "versionType": "git"
            },
            {
              "lessThan": "56480fb10b97",
              "status": "affected",
              "version": "5c8290284402",
              "versionType": "git"
            },
            {
              "lessThan": "2b7e7df1eacd",
              "status": "affected",
              "version": "5c8290284402",
              "versionType": "git"
            },
            {
              "lessThan": "5e761a228723",
              "status": "affected",
              "version": "5c8290284402",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/msm/dsi/phy/dsi_phy.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.3"
            },
            {
              "lessThan": "4.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.265",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.228",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.176",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.96",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.19",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.16.*",
              "status": "unaffected",
              "version": "5.16.5",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\n\nThe function performs a check on the \"phy\" input parameter, however, it\nis used before the check.\n\nInitialize the \"dev\" variable after the sanity check to avoid a possible\nNULL pointer dereference.\n\nAddresses-Coverity-ID: 1493860 (\"Null pointer dereference\")"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-20T11:14:49.699Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe"
        },
        {
          "url": "https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd"
        },
        {
          "url": "https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100"
        },
        {
          "url": "https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5"
        },
        {
          "url": "https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951"
        },
        {
          "url": "https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c"
        }
      ],
      "title": "drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable",
      "x_generator": {
        "engine": "bippy-7d53e8ef8be4"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48756",
    "datePublished": "2024-06-20T11:13:35.882Z",
    "dateReserved": "2024-06-20T11:09:39.059Z",
    "dateUpdated": "2024-09-11T17:34:47.609Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-48756\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-06-20T12:15:13.740\",\"lastModified\":\"2024-09-18T15:59:50.983\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\\n\\nThe function performs a check on the \\\"phy\\\" input parameter, however, it\\nis used before the check.\\n\\nInitialize the \\\"dev\\\" variable after the sanity check to avoid a possible\\nNULL pointer dereference.\\n\\nAddresses-Coverity-ID: 1493860 (\\\"Null pointer dereference\\\")\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: drm/msm/dsi: comprobaci\u00f3n de par\u00e1metro no v\u00e1lido en msm_dsi_phy_enable La funci\u00f3n realiza una comprobaci\u00f3n del par\u00e1metro de entrada \\\"phy\\\", sin embargo, se utiliza antes de la comprobaci\u00f3n. Inicialice la variable \\\"dev\\\" despu\u00e9s de la verificaci\u00f3n de cordura para evitar una posible desreferencia del puntero NULL. Direcciones-Coverity-ID: 1493860 (\\\"Desreferencia de puntero nulo\\\")\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.3\",\"versionEndExcluding\":\"4.14.265\",\"matchCriteriaId\":\"B72F14E6-57AC-4FFD-A66C-6C9F2831248F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.228\",\"matchCriteriaId\":\"87288F16-8DE4-4680-95D9-8601B47620D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.176\",\"matchCriteriaId\":\"581D4C61-D3FC-4DB2-85E3-EE596EEBA89E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.96\",\"matchCriteriaId\":\"27A6621A-A196-4220-957F-334B9124E477\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.19\",\"matchCriteriaId\":\"DF69DD7C-FD57-4914-ABB0-FAEF87B0289D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"5.16.5\",\"matchCriteriaId\":\"1AD9E77E-B27E-450C-8FD8-B64EC5FB002D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.