nvd-json-data-feeds/CVE-2022/CVE-2022-490xx/CVE-2022-49070.json

{
  "id": "CVE-2022-49070",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2025-02-26T07:00:44.217",
  "lastModified": "2025-02-26T07:00:44.217",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix unregistering of framebuffers without device\n\nOF framebuffers do not have an underlying device in the Linux\ndevice hierarchy. Do a regular unregister call instead of hot\nunplugging such a non-existing device. Fixes a NULL dereference.\nAn example error message on ppc64le is shown below.\n\n  BUG: Kernel NULL pointer dereference on read at 0x00000060\n  Faulting instruction address: 0xc00000000080dfa4\n  Oops: Kernel access of bad area, sig: 11 [#1]\n  LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\n  [...]\n  CPU: 2 PID: 139 Comm: systemd-udevd Not tainted 5.17.0-ae085d7f9365 #1\n  NIP:  c00000000080dfa4 LR: c00000000080df9c CTR: c000000000797430\n  REGS: c000000004132fe0 TRAP: 0300   Not tainted  (5.17.0-ae085d7f9365)\n  MSR:  8000000002009033 <SF,VEC,EE,ME,IR,DR,RI,LE>  CR: 28228282  XER: 20000000\n  CFAR: c00000000000c80c DAR: 0000000000000060 DSISR: 40000000 IRQMASK: 0\n  GPR00: c00000000080df9c c000000004133280 c00000000169d200 0000000000000029\n  GPR04: 00000000ffffefff c000000004132f90 c000000004132f88 0000000000000000\n  GPR08: c0000000015658f8 c0000000015cd200 c0000000014f57d0 0000000048228283\n  GPR12: 0000000000000000 c00000003fffe300 0000000020000000 0000000000000000\n  GPR16: 0000000000000000 0000000113fc4a40 0000000000000005 0000000113fcfb80\n  GPR20: 000001000f7283b0 0000000000000000 c000000000e4a588 c000000000e4a5b0\n  GPR24: 0000000000000001 00000000000a0000 c008000000db0168 c0000000021f6ec0\n  GPR28: c0000000016d65a8 c000000004b36460 0000000000000000 c0000000016d64b0\n  NIP [c00000000080dfa4] do_remove_conflicting_framebuffers+0x184/0x1d0\n  [c000000004133280] [c00000000080df9c] do_remove_conflicting_framebuffers+0x17c/0x1d0 (unreliable)\n  [c000000004133350] [c00000000080e4d0] remove_conflicting_framebuffers+0x60/0x150\n  [c0000000041333a0] [c00000000080e6f4] remove_conflicting_pci_framebuffers+0x134/0x1b0\n  [c000000004133450] [c008000000e70438] drm_aperture_remove_conflicting_pci_framebuffers+0x90/0x100 [drm]\n  [c000000004133490] [c008000000da0ce4] bochs_pci_probe+0x6c/0xa64 [bochs]\n  [...]\n  [c000000004133db0] [c00000000002aaa0] system_call_exception+0x170/0x2d0\n  [c000000004133e10] [c00000000000c3cc] system_call_common+0xec/0x250\n\nThe bug [1] was introduced by commit 27599aacbaef (\"fbdev: Hot-unplug\nfirmware fb devices on forced removal\"). Most firmware framebuffers\nhave an underlying platform device, which can be hot-unplugged\nbefore loading the native graphics driver. OF framebuffers do not\n(yet) have that device. Fix the code by unregistering the framebuffer\nas before without a hot unplug.\n\nTested with 5.17 on qemu ppc64le emulation."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://git.kernel.org/stable/c/0f525289ff0ddeb380813bd81e0f9bdaaa1c9078",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/2388f826cdc9af2651991adc0feb79de9bdf2232",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/de33df481545974ba47c46f05194e769e4307843",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/feed87ff122b1640c221d4dd559442ab2cd50bb1",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    }
  ]
}
Auto-Update: 2025-02-26T19:00:22.362560+00:00 2025-02-26 19:03:52 +00:00			`{`
			`"id": "CVE-2022-49070",`
			`"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",`
			`"published": "2025-02-26T07:00:44.217",`
			`"lastModified": "2025-02-26T07:00:44.217",`
			`"vulnStatus": "Received",`
			`"cveTags": [],`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix unregistering of framebuffers without device\n\nOF framebuffers do not have an underlying device in the Linux\ndevice hierarchy. Do a regular unregister call instead of hot\nunplugging such a non-existing device. Fixes a NULL dereference.\nAn example error message on ppc64le is shown below.\n\n BUG: Kernel NULL pointer dereference on read at 0x00000060\n Faulting instruction address: 0xc00000000080dfa4\n Oops: Kernel access of bad area, sig: 11 [#1]\n LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\n [...]\n CPU: 2 PID: 139 Comm: systemd-udevd Not tainted 5.17.0-ae085d7f9365 #1\n NIP: c00000000080dfa4 LR: c00000000080df9c CTR: c000000000797430\n REGS: c000000004132fe0 TRAP: 0300 Not tainted (5.17.0-ae085d7f9365)\n MSR: 8000000002009033 <SF,VEC,EE,ME,IR,DR,RI,LE> CR: 28228282 XER: 20000000\n CFAR: c00000000000c80c DAR: 0000000000000060 DSISR: 40000000 IRQMASK: 0\n GPR00: c00000000080df9c c000000004133280 c00000000169d200 0000000000000029\n GPR04: 00000000ffffefff c000000004132f90 c000000004132f88 0000000000000000\n GPR08: c0000000015658f8 c0000000015cd200 c0000000014f57d0 0000000048228283\n GPR12: 0000000000000000 c00000003fffe300 0000000020000000 0000000000000000\n GPR16: 0000000000000000 0000000113fc4a40 0000000000000005 0000000113fcfb80\n GPR20: 000001000f7283b0 0000000000000000 c000000000e4a588 c000000000e4a5b0\n GPR24: 0000000000000001 00000000000a0000 c008000000db0168 c0000000021f6ec0\n GPR28: c0000000016d65a8 c000000004b36460 0000000000000000 c0000000016d64b0\n NIP [c00000000080dfa4] do_remove_conflicting_framebuffers+0x184/0x1d0\n [c000000004133280] [c00000000080df9c] do_remove_conflicting_framebuffers+0x17c/0x1d0 (unreliable)\n [c000000004133350] [c00000000080e4d0] remove_conflicting_framebuffers+0x60/0x150\n [c0000000041333a0] [c00000000080e6f4] remove_conflicting_pci_framebuffers+0x134/0x1b0\n [c000000004133450] [c008000000e70438] drm_aperture_remove_conflicting_pci_framebuffers+0x90/0x100 [drm]\n [c000000004133490] [c008000000da0ce4] bochs_pci_probe+0x6c/0xa64 [bochs]\n [...]\n [c000000004133db0] [c00000000002aaa0] system_call_exception+0x170/0x2d0\n [c000000004133e10] [c00000000000c3cc] system_call_common+0xec/0x250\n\nThe bug [1] was introduced by commit 27599aacbaef (\"fbdev: Hot-unplug\nfirmware fb devices on forced removal\"). Most firmware framebuffers\nhave an underlying platform device, which can be hot-unplugged\nbefore loading the native graphics driver. OF framebuffers do not\n(yet) have that device. Fix the code by unregistering the framebuffer\nas before without a hot unplug.\n\nTested with 5.17 on qemu ppc64le emulation."
			`}`
			`],`
			`"metrics": {},`
			`"references": [`
			`{`
			`"url": "https://git.kernel.org/stable/c/0f525289ff0ddeb380813bd81e0f9bdaaa1c9078",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/2388f826cdc9af2651991adc0feb79de9bdf2232",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/de33df481545974ba47c46f05194e769e4307843",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/feed87ff122b1640c221d4dd559442ab2cd50bb1",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`}`
			`]`
			`}`