Home

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix use-after-free on probe deferral The bridge counter was never reset when tearing down the DRM device so that stale pointers to deallocated structures would be accessed on the next tear down (e.g. after a second late bind deferral). Given enough bridges and a few probe deferrals this could currently also lead to data beyond the bridge array being corrupted. Patchwork: https://patchwork.freedesktop.org/patch/502665/

PUBLISHED Reserved 2025-10-04 | Published 2025-10-04 | Updated 2025-10-04 | Assigner Linux

Product status

Default status
unaffected

a3376e3ec81c5dd0622cbc187db76d2824d31c1c before 0a30a47741b6df1f9555a0fac6aebb7e8c363bad
affected

a3376e3ec81c5dd0622cbc187db76d2824d31c1c before 6808abdb33bf90330e70a687d29f038507e06ebb
affected

Default status
affected

3.12
affected

Any version before 3.12
unaffected

6.0.7
unaffected

6.1
unaffected

References

git.kernel.org/...c/0a30a47741b6df1f9555a0fac6aebb7e8c363bad

git.kernel.org/...c/6808abdb33bf90330e70a687d29f038507e06ebb

cve.org (CVE-2022-50492)

nvd.nist.gov (CVE-2022-50492)

Download JSON