CVE-2022-49495

drm/msm/hdmi: check return value after calling platform_get_resource_byname()

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm/hdmi: check return value after calling platform_get_resource_byname() It will cause null-ptr-deref if platform_get_resource_byname() returns NULL, we need check the return value. Patchwork: https://patchwork.freedesktop.org/patch/482992/

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/9cb1ee33efccb8b107ee04b7b3441820de3fd2da patch
https://git.kernel.org/stable/c/c1bfacf0daf25a5fc7d667399d6ff2dffda84cd8 patch
https://git.kernel.org/stable/c/0978fcce91b90b561b8c82e7c492ba9fc8440eef patch
https://git.kernel.org/stable/c/2b3ed7547b1a052209da6c4ab886ffe0eed88c42 patch
https://git.kernel.org/stable/c/d9cb951d11a4ace4de5c50b1178ad211de17079e patch
https://git.kernel.org/stable/c/4cd66a8016b872a153bf892fe4258cbc0dacf5b1 patch
https://git.kernel.org/stable/c/6369dda4a2209142ab819f01d3d2076d81e3ebdd patch
https://git.kernel.org/stable/c/9f5495a5c51c1d11c6ffc13aa2befffec0c2651a patch
https://git.kernel.org/stable/c/a36e506711548df923ceb7ec9f6001375be799a5 patch

Frequently Asked Questions

What is the severity of CVE-2022-49495?
CVE-2022-49495 has been scored as a medium severity vulnerability.
How to fix CVE-2022-49495?
To fix CVE-2022-49495, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-49495 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-49495 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-49495?
CVE-2022-49495 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.