CVE-2022-50173 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Fix global state lock backoff We need to grab the lock after the early return for !hwpipe case. Otherwise, we could have hit contention yet still returned 0. Fixes an issue that the new CONFIG_DRM_DEBUG_MODESET_LOCK stuff flagged in CI: WARNING: CPU: 0 PID: 282 at drivers/gpu/drm/drm_modeset_lock.c:296 drm_modeset_lock+0xf8/0x154 Modules linked in: CPU: 0 PID: 282 Comm: kms_cursor_lega Tainted: G W 5.19.0-rc2-15930-g875cc8bc536a #1 Hardware name: Qualcomm Technologies, Inc. DB820c (DT) pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : drm_modeset_lock+0xf8/0x154 lr : drm_atomic_get_private_obj_state+0x84/0x170 sp : ffff80000cfab6a0 x29: ffff80000cfab6a0 x28: 0000000000000000 x27: ffff000083bc4d00 x26: 0000000000000038 x25: 0000000000000000 x24: ffff80000957ca58 x23: 0000000000000000 x22: ffff000081ace080 x21: 0000000000000001 x20: ffff000081acec18 x19: ffff80000cfabb80 x18: 0000000000000038 x17: 0000000000000000 x16: 0000000000000000 x15: fffffffffffea0d0 x14: 0000000000000000 x13: 284e4f5f4e524157 x12: 5f534b434f4c5f47 x11: ffff80000a386aa8 x10: 0000000000000029 x9 : ffff80000cfab610 x8 : 0000000000000029 x7 : 0000000000000014 x6 : 0000000000000000 x5 : 0000000000000001 x4 : ffff8000081ad904 x3 : 0000000000000029 x2 : ffff0000801db4c0 x1 : ffff80000cfabb80 x0 : ffff000081aceb58 Call trace: drm_modeset_lock+0xf8/0x154 drm_atomic_get_private_obj_state+0x84/0x170 mdp5_get_global_state+0x54/0x6c mdp5_pipe_release+0x2c/0xd4 mdp5_plane_atomic_check+0x2ec/0x414 drm_atomic_helper_check_planes+0xd8/0x210 drm_atomic_helper_check+0x54/0xb0 ... ---[ end trace 0000000000000000 ]--- drm_modeset_lock attempting to lock a contended lock without backoff: drm_modeset_lock+0x148/0x154 mdp5_get_global_state+0x30/0x6c mdp5_pipe_release+0x2c/0xd4 mdp5_plane_atomic_check+0x290/0x414 drm_atomic_helper_check_planes+0xd8/0x210 drm_atomic_helper_check+0x54/0xb0 drm_atomic_check_only+0x4b0/0x8f4 drm_atomic_commit+0x68/0xe0 Patchwork: https://patchwork.freedesktop.org/patch/492701/

Reserved 2025-06-18 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status

unaffected

776f5c58bfe16cf322d71eeed3c5dda1eeac7e6b before 247f2934324f9a18d18df24ea4bfcc7d4631d0ef

affected

b2aa2c4efe93e2580d6a8774b04fe2b99756a322 before 2e34d6c8180a398de6448a93df25068bf3062042

affected

49dc28b4b2e28ef7564e355c91487996c1cbebd7 before bf386c955f35a0a01bef482b6035d40ff2f6cc75

affected

04bef5f1ba8ea6d7c1c8f5f65e0395c62db59cb8 before f4e3a8c7e890049e7ba2b49ad0315dae841dfa55

affected

33dc5aac46e0fad8f5eb193e5906ed0eb6b66ceb before 2fdf5a54ef9376ff69149a48c5616f1141008c9f

affected

d59be579fa932c46b908f37509f319cbd4ca9a68 before 0b07f28c23ff50a7fa5dbc3f6b3b6bd53ac9fc70

affected

d59be579fa932c46b908f37509f319cbd4ca9a68 before 92ef86ab513593c6329d04146e61f9a670e72fc5

affected

19964dfb39bda4d7716a71009488f0668ecbcf52

affected

Default status

affected

5.19

affected

Any version before 5.19

unaffected

4.19.256

unaffected

5.4.211

unaffected

5.10.137

unaffected

5.15.61

unaffected

5.18.18

unaffected

5.19.2

unaffected

6.0

unaffected

References

git.kernel.org/...c/247f2934324f9a18d18df24ea4bfcc7d4631d0ef

git.kernel.org/...c/2e34d6c8180a398de6448a93df25068bf3062042

git.kernel.org/...c/bf386c955f35a0a01bef482b6035d40ff2f6cc75

git.kernel.org/...c/f4e3a8c7e890049e7ba2b49ad0315dae841dfa55

git.kernel.org/...c/2fdf5a54ef9376ff69149a48c5616f1141008c9f

git.kernel.org/...c/0b07f28c23ff50a7fa5dbc3f6b3b6bd53ac9fc70

git.kernel.org/...c/92ef86ab513593c6329d04146e61f9a670e72fc5

cve.org (CVE-2022-50173)

nvd.nist.gov (CVE-2022-50173)

Download JSON