cve-2022-48756
Vulnerability from cvelistv5
Published
2024-06-20 11:13
Modified
2024-11-04 12:15
Severity ?
EPSS score ?
Summary
drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:00.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48756",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:19.274762Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:47.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/dsi/phy/dsi_phy.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6d9f8ba28f37",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "ca63eeb70fcb",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "581317b1f001",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "79c0b5287ded",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "56480fb10b97",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "2b7e7df1eacd",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
},
{
"lessThan": "5e761a228723",
"status": "affected",
"version": "5c8290284402",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/gpu/drm/msm/dsi/phy/dsi_phy.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.3"
},
{
"lessThan": "4.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\n\nThe function performs a check on the \"phy\" input parameter, however, it\nis used before the check.\n\nInitialize the \"dev\" variable after the sanity check to avoid a possible\nNULL pointer dereference.\n\nAddresses-Coverity-ID: 1493860 (\"Null pointer dereference\")"
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T12:15:53.161Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe"
},
{
"url": "https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd"
},
{
"url": "https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100"
},
{
"url": "https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5"
},
{
"url": "https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7"
},
{
"url": "https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951"
},
{
"url": "https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c"
}
],
"title": "drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable",
"x_generator": {
"engine": "bippy-9e1c9544281a"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48756",
"datePublished": "2024-06-20T11:13:35.882Z",
"dateReserved": "2024-06-20T11:09:39.059Z",
"dateUpdated": "2024-11-04T12:15:53.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-48756\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-06-20T12:15:13.740\",\"lastModified\":\"2024-09-18T15:59:50.983\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\\n\\nThe function performs a check on the \\\"phy\\\" input parameter, however, it\\nis used before the check.\\n\\nInitialize the \\\"dev\\\" variable after the sanity check to avoid a possible\\nNULL pointer dereference.\\n\\nAddresses-Coverity-ID: 1493860 (\\\"Null pointer dereference\\\")\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: drm/msm/dsi: comprobaci\u00f3n de par\u00e1metro no v\u00e1lido en msm_dsi_phy_enable La funci\u00f3n realiza una comprobaci\u00f3n del par\u00e1metro de entrada \\\"phy\\\", sin embargo, se utiliza antes de la comprobaci\u00f3n. Inicialice la variable \\\"dev\\\" despu\u00e9s de la verificaci\u00f3n de cordura para evitar una posible desreferencia del puntero NULL. Direcciones-Coverity-ID: 1493860 (\\\"Desreferencia de puntero nulo\\\")\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.3\",\"versionEndExcluding\":\"4.14.265\",\"matchCriteriaId\":\"B72F14E6-57AC-4FFD-A66C-6C9F2831248F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.228\",\"matchCriteriaId\":\"87288F16-8DE4-4680-95D9-8601B47620D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.176\",\"matchCriteriaId\":\"581D4C61-D3FC-4DB2-85E3-EE596EEBA89E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.96\",\"matchCriteriaId\":\"27A6621A-A196-4220-957F-334B9124E477\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.19\",\"matchCriteriaId\":\"DF69DD7C-FD57-4914-ABB0-FAEF87B0289D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"5.16.5\",\"matchCriteriaId\":\"1AD9E77E-B27E-450C-8FD8-B64EC5FB002D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.