ghsa-4m75-mg2m-9pf6
Vulnerability from github
Published
2025-06-18 12:30
Modified
2025-06-18 12:30
Details

In the Linux kernel, the following vulnerability has been resolved:

drm/i915: fix null pointer dereference

Asus chromebook CX550 crashes during boot on v5.17-rc1 kernel. The root cause is null pointer defeference of bi_next in tgl_get_bw_info() in drivers/gpu/drm/i915/display/intel_bw.c.

BUG: kernel NULL pointer dereference, address: 000000000000002e PGD 0 P4D 0 Oops: 0002 [#1] PREEMPT SMP NOPTI CPU: 0 PID: 1 Comm: swapper/0 Tainted: G U 5.17.0-rc1 Hardware name: Google Delbin/Delbin, BIOS Google_Delbin.13672.156.3 05/14/2021 RIP: 0010:tgl_get_bw_info+0x2de/0x510 ... [ 2.554467] Call Trace: [ 2.554467] [ 2.554467] intel_bw_init_hw+0x14a/0x434 [ 2.554467] ? _printk+0x59/0x73 [ 2.554467] ? _dev_err+0x77/0x91 [ 2.554467] i915_driver_hw_probe+0x329/0x33e [ 2.554467] i915_driver_probe+0x4c8/0x638 [ 2.554467] i915_pci_probe+0xf8/0x14e [ 2.554467] ? _raw_spin_unlock_irqrestore+0x12/0x2c [ 2.554467] pci_device_probe+0xaa/0x142 [ 2.554467] really_probe+0x13f/0x2f4 [ 2.554467] __driver_probe_device+0x9e/0xd3 [ 2.554467] driver_probe_device+0x24/0x7c [ 2.554467] __driver_attach+0xba/0xcf [ 2.554467] ? driver_attach+0x1f/0x1f [ 2.554467] bus_for_each_dev+0x8c/0xc0 [ 2.554467] bus_add_driver+0x11b/0x1f7 [ 2.554467] driver_register+0x60/0xea [ 2.554467] ? mipi_dsi_bus_init+0x16/0x16 [ 2.554467] i915_init+0x2c/0xb9 [ 2.554467] ? mipi_dsi_bus_init+0x16/0x16 [ 2.554467] do_one_initcall+0x12e/0x2b3 [ 2.554467] do_initcall_level+0xd6/0xf3 [ 2.554467] do_initcalls+0x4e/0x79 [ 2.554467] kernel_init_freeable+0xed/0x14d [ 2.554467] ? rest_init+0xc1/0xc1 [ 2.554467] kernel_init+0x1a/0x120 [ 2.554467] ret_from_fork+0x1f/0x30 [ 2.554467] ... Kernel panic - not syncing: Fatal exception

(cherry picked from commit c247cd03898c4c43c3bce6d4014730403bc13032)

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2022-49960"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-18T11:15:23Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: fix null pointer dereference\n\nAsus chromebook CX550 crashes during boot on v5.17-rc1 kernel.\nThe root cause is null pointer defeference of bi_next\nin tgl_get_bw_info() in drivers/gpu/drm/i915/display/intel_bw.c.\n\nBUG: kernel NULL pointer dereference, address: 000000000000002e\nPGD 0 P4D 0\nOops: 0002 [#1] PREEMPT SMP NOPTI\nCPU: 0 PID: 1 Comm: swapper/0 Tainted: G     U            5.17.0-rc1\nHardware name: Google Delbin/Delbin, BIOS Google_Delbin.13672.156.3 05/14/2021\nRIP: 0010:tgl_get_bw_info+0x2de/0x510\n...\n[    2.554467] Call Trace:\n[    2.554467]  \u003cTASK\u003e\n[    2.554467]  intel_bw_init_hw+0x14a/0x434\n[    2.554467]  ? _printk+0x59/0x73\n[    2.554467]  ? _dev_err+0x77/0x91\n[    2.554467]  i915_driver_hw_probe+0x329/0x33e\n[    2.554467]  i915_driver_probe+0x4c8/0x638\n[    2.554467]  i915_pci_probe+0xf8/0x14e\n[    2.554467]  ? _raw_spin_unlock_irqrestore+0x12/0x2c\n[    2.554467]  pci_device_probe+0xaa/0x142\n[    2.554467]  really_probe+0x13f/0x2f4\n[    2.554467]  __driver_probe_device+0x9e/0xd3\n[    2.554467]  driver_probe_device+0x24/0x7c\n[    2.554467]  __driver_attach+0xba/0xcf\n[    2.554467]  ? driver_attach+0x1f/0x1f\n[    2.554467]  bus_for_each_dev+0x8c/0xc0\n[    2.554467]  bus_add_driver+0x11b/0x1f7\n[    2.554467]  driver_register+0x60/0xea\n[    2.554467]  ? mipi_dsi_bus_init+0x16/0x16\n[    2.554467]  i915_init+0x2c/0xb9\n[    2.554467]  ? mipi_dsi_bus_init+0x16/0x16\n[    2.554467]  do_one_initcall+0x12e/0x2b3\n[    2.554467]  do_initcall_level+0xd6/0xf3\n[    2.554467]  do_initcalls+0x4e/0x79\n[    2.554467]  kernel_init_freeable+0xed/0x14d\n[    2.554467]  ? rest_init+0xc1/0xc1\n[    2.554467]  kernel_init+0x1a/0x120\n[    2.554467]  ret_from_fork+0x1f/0x30\n[    2.554467]  \u003c/TASK\u003e\n...\nKernel panic - not syncing: Fatal exception\n\n(cherry picked from commit c247cd03898c4c43c3bce6d4014730403bc13032)",
  "id": "GHSA-4m75-mg2m-9pf6",
  "modified": "2025-06-18T12:30:37Z",
  "published": "2025-06-18T12:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49960"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/458ec0c8f35963626ccd51c3d50b752de5f1b9d4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c2798203315f4729bab0b917bf4c17a159abf9f8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.