FKIE_CVE-2022-50556

Vulnerability from fkie_nvd - Published: 2025-10-22 14:15 - Updated: 2025-10-22 21:12
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmm_mode_config_init() drmm_mode_config_init() will call drm_mode_create_standard_properties() and won't check the ret value. When drm_mode_create_standard_properties() failed due to alloc, property will be a NULL pointer and may causes the null-ptr-deref. Fix the null-ptr-deref by adding the ret value check. Found null-ptr-deref while testing insert module bochs: general protection fault, probably for non-canonical address 0xdffffc000000000c: 0000 [#1] SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000060-0x0000000000000067] CPU: 3 PID: 249 Comm: modprobe Not tainted 6.1.0-rc1+ #364 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014 RIP: 0010:drm_object_attach_property+0x73/0x3c0 [drm] Call Trace: <TASK> __drm_connector_init+0xb6c/0x1100 [drm] bochs_pci_probe.cold.11+0x4cb/0x7fe [bochs] pci_device_probe+0x17d/0x340 really_probe+0x1db/0x5d0 __driver_probe_device+0x1e7/0x250 driver_probe_device+0x4a/0x120 __driver_attach+0xcd/0x2c0 bus_for_each_dev+0x11a/0x1b0 bus_add_driver+0x3d7/0x500 driver_register+0x18e/0x320 do_one_initcall+0xc4/0x3e0 do_init_module+0x1b4/0x630 load_module+0x5dca/0x7230 __do_sys_finit_module+0x100/0x170 do_syscall_64+0x3f/0x90 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7ff65af9f839
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5ae70041a6d7de62a0cdb2bbcfe0c9cf753035d0
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/834c23e4f798dcdc8af251b3c428ceef94741991
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/961620ad67611a7320a49f4b6f3c5e2906833a03
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b14147464251f66e38fa39f0aae9780466db8610
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/d06e827a65a6bcd2e329045d891d0739cec1cf4a
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Fix potential null-ptr-deref due to drmm_mode_config_init()\n\ndrmm_mode_config_init() will call drm_mode_create_standard_properties()\nand won\u0027t check the ret value. When drm_mode_create_standard_properties()\nfailed due to alloc, property will be a NULL pointer and may causes the\nnull-ptr-deref. Fix the null-ptr-deref by adding the ret value check.\n\nFound null-ptr-deref while testing insert module bochs:\ngeneral protection fault, probably for non-canonical address\n    0xdffffc000000000c: 0000 [#1] SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000060-0x0000000000000067]\nCPU: 3 PID: 249 Comm: modprobe Not tainted 6.1.0-rc1+ #364\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nrel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014\nRIP: 0010:drm_object_attach_property+0x73/0x3c0 [drm]\nCall Trace:\n \u003cTASK\u003e\n __drm_connector_init+0xb6c/0x1100 [drm]\n bochs_pci_probe.cold.11+0x4cb/0x7fe [bochs]\n pci_device_probe+0x17d/0x340\n really_probe+0x1db/0x5d0\n __driver_probe_device+0x1e7/0x250\n driver_probe_device+0x4a/0x120\n __driver_attach+0xcd/0x2c0\n bus_for_each_dev+0x11a/0x1b0\n bus_add_driver+0x3d7/0x500\n driver_register+0x18e/0x320\n do_one_initcall+0xc4/0x3e0\n do_init_module+0x1b4/0x630\n load_module+0x5dca/0x7230\n __do_sys_finit_module+0x100/0x170\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7ff65af9f839"
    }
  ],
  "id": "CVE-2022-50556",
  "lastModified": "2025-10-22T21:12:48.953",
  "metrics": {},
  "published": "2025-10-22T14:15:39.673",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/5ae70041a6d7de62a0cdb2bbcfe0c9cf753035d0"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/834c23e4f798dcdc8af251b3c428ceef94741991"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/961620ad67611a7320a49f4b6f3c5e2906833a03"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/b14147464251f66e38fa39f0aae9780466db8610"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/d06e827a65a6bcd2e329045d891d0739cec1cf4a"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.