CVE-2022-50317
BaseFortify

Publication date: 2025-09-15

Last updated on: 2025-12-04

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

drm/bridge: megachips: Fix a null pointer dereference bug

When removing the module we will get the following warning:

[ 31.911505] i2c-core: driver [stdp2690-ge-b850v3-fw] unregistered
[ 31.912484] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI
[ 31.913338] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 31.915280] RIP: 0010:drm_bridge_remove+0x97/0x130
[ 31.921825] Call Trace:
[ 31.922533] stdp4028_ge_b850v3_fw_remove+0x34/0x60 [megachips_stdpxxxx_ge_b850v3_fw]
[ 31.923139] i2c_device_remove+0x181/0x1f0

The two bridges (stdp2690, stdp4028) do not probe at the same time, so the driver does not call ge_b850v3_register() when probing, causing the driver to try to remove the object that has not been initialized.

Fix this by checking whether both the bridges are probed.

Meta Information
Published: 2025-09-15
Last Modified: 2025-12-04
Generated: 2026-05-27
AI Q&A: 2025-09-15
EPSS Evaluated: 2026-05-25

Affected Vendors & Products
Showing 7 associated CPEs
Vendor  Product       Version / Range
linux   linux_kernel  From 4.14.263 (inc) to 4.14.296 (exc)
linux   linux_kernel  From 4.19.226 (inc) to 4.19.262 (exc)
linux   linux_kernel  From 5.4.174 (inc) to 5.4.220 (exc)
linux   linux_kernel  From 5.10.94 (inc) to 5.10.150 (exc)
linux   linux_kernel  From 5.15.17 (inc) to 5.15.75 (exc)
linux   linux_kernel  From 5.16.3 (inc) to 5.19.17 (exc)
linux   linux_kernel  From 6.0 (inc) to 6.0.3 (exc)

CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a null pointer dereference bug in the Linux kernel's drm/bridge megachips driver. It occurs because two bridges (stdp2690 and stdp4028) do not probe simultaneously, so the driver sometimes tries to remove an object that was never initialized, leading to a null pointer dereference when the module is removed.


How can this vulnerability impact me?

The impact of this vulnerability is that it can cause a general protection fault and kernel crash (panic) when the affected driver module is removed, potentially leading to system instability or denial of service.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring kernel logs for specific error messages related to the megachips driver null pointer dereference. Look for warnings such as 'general protection fault', 'KASAN: null-ptr-deref', and call traces involving drm_bridge_remove and megachips_stdpxxxx_ge_b850v3_fw. Commands like 'dmesg | grep -i "null-ptr-deref"' or 'journalctl -k | grep -i drm_bridge_remove' can help identify these issues.
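
The grep commands above match any KASAN null pointer report, not only this one. The following is an added example (not code from this page or from the kernel project) that flags only a report combining the fault line, RIP in drm_bridge_remove and a frame from megachips_stdpxxxx_ge_b850v3_fw. It assumes dmesg-style timestamps and a 2-second window per oops; the last three sample lines are constructed.

```python
import re

STAMP = re.compile(r"\[\s*(\d+\.\d+)\]")  # dmesg-style monotonic timestamp
FAULT = re.compile(r"general protection fault|KASAN: null-ptr-deref")
RIP = re.compile(r"RIP: [0-9a-f]{4}:drm_bridge_remove\+")
MODULE = re.compile(r"\[megachips_stdpxxxx_ge_b850v3_fw\]")
WINDOW = 2.0  # assumption: all lines of one oops land within 2 seconds

# First seven lines are the oops quoted in the CVE description; the last
# three are a constructed, unrelated KASAN report (hypothetical names).
SAMPLE = """\
[ 31.911505] i2c-core: driver [stdp2690-ge-b850v3-fw] unregistered
[ 31.912484] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI
[ 31.913338] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[ 31.915280] RIP: 0010:drm_bridge_remove+0x97/0x130
[ 31.921825] Call Trace:
[ 31.922533] stdp4028_ge_b850v3_fw_remove+0x34/0x60 [megachips_stdpxxxx_ge_b850v3_fw]
[ 31.923139] i2c_device_remove+0x181/0x1f0
[ 120.000100] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[ 120.000200] RIP: 0010:example_other_remove+0x10/0x40
[ 120.000300] example_other_exit+0x12/0x30 [example_other_mod]
""".splitlines()


def find_oops(lines):
    """Return start timestamps of oops reports matching this CVE's signature."""
    hits, start, seen = [], None, set()
    for line in lines:
        m = STAMP.search(line)
        if not m:
            continue  # no timestamp: cannot be placed in a report
        ts = float(m.group(1))
        if start is not None and not 0 <= ts - start <= WINDOW:
            start, seen = None, set()  # previous report ended (or clock reset)
        if start is None and FAULT.search(line):
            start, seen = ts, set()  # a new fault report begins here
        if start is None:
            continue
        if RIP.search(line):
            seen.add("rip")
        if MODULE.search(line):
            seen.add("module")
        if seen == {"rip", "module"} and start not in hits:
            hits.append(start)
    return hits


if __name__ == "__main__":
    print(find_oops(SAMPLE))
```

Feed it the output of `dmesg` split into lines; a non-empty result means the module-removal crash described above has occurred on that host.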


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves updating the Linux kernel to a version where the megachips driver null pointer dereference bug is fixed. The fix includes checking whether both bridges (stdp2690 and stdp4028) are probed before attempting to remove the driver, preventing the null pointer dereference. Until an update is applied, avoid removing the megachips modules stdp2690_ge_b850v3_fw and stdp4028_ge_b850v3_fw to prevent triggering the bug.

