{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48756", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-20T11:09:39.059Z", "datePublished": "2024-06-20T11:13:35.882Z", "dateUpdated": "2024-09-11T17:34:47.609Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-06-20T11:14:49.699Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\n\nThe function performs a check on the \"phy\" input parameter, however, it\nis used before the check.\n\nInitialize the \"dev\" variable after the sanity check to avoid a possible\nNULL pointer dereference.\n\nAddresses-Coverity-ID: 1493860 (\"Null pointer dereference\")"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/msm/dsi/phy/dsi_phy.c"], "versions": [{"version": "5c8290284402", "lessThan": "6d9f8ba28f37", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "ca63eeb70fcb", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "581317b1f001", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "79c0b5287ded", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "56480fb10b97", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "2b7e7df1eacd", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "5e761a228723", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/msm/dsi/phy/dsi_phy.c"], "versions": [{"version": "4.3", "status": "affected"}, {"version": "0", "lessThan": "4.3", "status": "unaffected", "versionType": "custom"}, {"version": "4.14.265", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.228", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.176", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.96", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.19", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.16.5", "lessThanOrEqual": "5.16.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe"}, {"url": "https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd"}, {"url": "https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100"}, {"url": "https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5"}, {"url": "https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7"}, {"url": "https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951"}, {"url": "https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c"}], "title": "drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable", "x_generator": {"engine": "bippy-7d53e8ef8be4"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:00.449Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48756", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:10:19.274762Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:47.609Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48756", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-20T11:09:39.059Z", "datePublished": "2024-06-20T11:13:35.882Z", "dateUpdated": "2024-08-03T15:25:00.449Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-06-20T11:14:49.699Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\n\nThe function performs a check on the \"phy\" input parameter, however, it\nis used before the check.\n\nInitialize the \"dev\" variable after the sanity check to avoid a possible\nNULL pointer dereference.\n\nAddresses-Coverity-ID: 1493860 (\"Null pointer dereference\")"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/msm/dsi/phy/dsi_phy.c"], "versions": [{"version": "5c8290284402", "lessThan": "6d9f8ba28f37", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "ca63eeb70fcb", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "581317b1f001", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "79c0b5287ded", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "56480fb10b97", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "2b7e7df1eacd", "status": "affected", "versionType": "git"}, {"version": "5c8290284402", "lessThan": "5e761a228723", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/msm/dsi/phy/dsi_phy.c"], "versions": [{"version": "4.3", "status": "affected"}, {"version": "0", "lessThan": "4.3", "status": "unaffected", "versionType": "custom"}, {"version": "4.14.265", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.228", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.176", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.96", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.19", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.16.5", "lessThanOrEqual": "5.16.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe"}, {"url": "https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd"}, {"url": "https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100"}, {"url": "https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5"}, {"url": "https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7"}, {"url": "https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951"}, {"url": "https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c"}], "title": "drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable", "x_generator": {"engine": "bippy-7d53e8ef8be4"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48756", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:10:19.274762Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2024-09-11T12:42:25.938Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B72F14E6-57AC-4FFD-A66C-6C9F2831248F", "versionEndExcluding": "4.14.265", "versionStartIncluding": "4.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "87288F16-8DE4-4680-95D9-8601B47620D7", "versionEndExcluding": "4.19.228", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "581D4C61-D3FC-4DB2-85E3-EE596EEBA89E", "versionEndExcluding": "5.4.176", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "27A6621A-A196-4220-957F-334B9124E477", "versionEndExcluding": "5.10.96", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF69DD7C-FD57-4914-ABB0-FAEF87B0289D", "versionEndExcluding": "5.15.19", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "1AD9E77E-B27E-450C-8FD8-B64EC5FB002D", "versionEndExcluding": "5.16.5", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*", "matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\n\nThe function performs a check on the \"phy\" input parameter, however, it\nis used before the check.\n\nInitialize the \"dev\" variable after the sanity check to avoid a possible\nNULL pointer dereference.\n\nAddresses-Coverity-ID: 1493860 (\"Null pointer dereference\")"}, {"lang": "es", "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: drm/msm/dsi: comprobaci\u00f3n de par\u00e1metro no v\u00e1lido en msm_dsi_phy_enable La funci\u00f3n realiza una comprobaci\u00f3n del par\u00e1metro de entrada \"phy\", sin embargo, se utiliza antes de la comprobaci\u00f3n. Inicialice la variable \"dev\" despu\u00e9s de la verificaci\u00f3n de cordura para evitar una posible desreferencia del puntero NULL. Direcciones-Coverity-ID: 1493860 (\"Desreferencia de puntero nulo\")"}], "id": "CVE-2022-48756", "lastModified": "2024-09-18T15:59:50.983", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-20T12:15:13.740", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable", "id": "2293398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293398"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/msm/dsi: invalid parameter check in msm_dsi_phy_enable\nThe function performs a check on the \"phy\" input parameter, however, it\nis used before the check.\nInitialize the \"dev\" variable after the sanity check to avoid a possible\nNULL pointer dereference.\nAddresses-Coverity-ID: 1493860 (\"Null pointer dereference\")"], "name": "CVE-2022-48756", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48756\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48756\nhttps://lore.kernel.org/linux-cve-announce/2024062007-CVE-2022-48756-fc26@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 4.14.265, kernel 4.19.228, kernel 5.4.176, kernel 5.10.96, kernel 5.15.19, kernel 5.16.5, kernel 5.17"}