| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025100100-CVE-2022-50437-440f@gregkh> Date: Wed, 1 Oct 2025 13:42:10 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-50437: drm/msm/hdmi: fix memory corruption with too many bridges From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: fix memory corruption with too many bridges Add the missing sanity check on the bridge counter to avoid corrupting data beyond the fixed-sized bridge array in case there are ever more than eight bridges. Patchwork: https://patchwork.freedesktop.org/patch/502670/ The Linux kernel CVE team has assigned CVE-2022-50437 to this issue. Affected and fixed versions =========================== Issue introduced in 3.12 with commit a3376e3ec81c5dd0622cbc187db76d2824d31c1c and fixed in 4.9.332 with commit a9c1a6991a9b5aa6d0f2cbc9b8c3bf6c4d094dfa Issue introduced in 3.12 with commit a3376e3ec81c5dd0622cbc187db76d2824d31c1c and fixed in 4.14.298 with commit e8f916b84e4b028ecad6c6472eaad543cc7df806 Issue introduced in 3.12 with commit a3376e3ec81c5dd0622cbc187db76d2824d31c1c and fixed in 4.19.264 with commit 3c43f3ec731c233eb84b66199ee76dbf3ec6ecae Issue introduced in 3.12 with commit a3376e3ec81c5dd0622cbc187db76d2824d31c1c and fixed in 5.4.223 with commit ed7f1ff87a4afea1bc220d2ff00a7ce8e61f0b53 Issue introduced in 3.12 with commit a3376e3ec81c5dd0622cbc187db76d2824d31c1c and fixed in 5.10.153 with commit 08c7375fa27a8ceee028868e03ffb3a0db919d44 Issue introduced in 3.12 with commit a3376e3ec81c5dd0622cbc187db76d2824d31c1c and fixed in 5.15.77 with commit b48949ab451eaf1e2c04c272c8a9a96a2b56546f Issue introduced in 3.12 with commit a3376e3ec81c5dd0622cbc187db76d2824d31c1c and fixed in 6.0.7 with commit 9efb45b45ff6254bfd1f1997a06725cb3fc998a5 Issue introduced in 3.12 with commit a3376e3ec81c5dd0622cbc187db76d2824d31c1c and fixed in 6.1 with commit 4c1294da6aed1f16d47a417dcfe6602833c3c95c Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-50437 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/gpu/drm/msm/hdmi/hdmi.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/a9c1a6991a9b5aa6d0f2cbc9b8c3bf6c4d094dfa https://git.kernel.org/stable/c/e8f916b84e4b028ecad6c6472eaad543cc7df806 https://git.kernel.org/stable/c/3c43f3ec731c233eb84b66199ee76dbf3ec6ecae https://git.kernel.org/stable/c/ed7f1ff87a4afea1bc220d2ff00a7ce8e61f0b53 https://git.kernel.org/stable/c/08c7375fa27a8ceee028868e03ffb3a0db919d44 https://git.kernel.org/stable/c/b48949ab451eaf1e2c04c272c8a9a96a2b56546f https://git.kernel.org/stable/c/9efb45b45ff6254bfd1f1997a06725cb3fc998a5 https://git.kernel.org/stable/c/4c1294da6aed1f16d47a417dcfe6602833c3c95c
Powered by blists - more mailing lists