CVE-2022-49506 Information

Mar 01, 2025 cve

Description

In the Linux kernel the following vulnerability has been resolved:

drm/mediatek: Add vblank register/unregister callback functions

We encountered a kernel panic issue that callback data will be NULL when it’s using in ovl irq handler. There is a timing issue between mtk_disp_ovl_irq_handler() and mtk_ovl_disable_vblank().

To resolve this issue we use the flow to register/unregister vblank cb:

Register callback function and callback data when crtc creates.
Unregister callback function and callback data when crtc destroies.

With this solution we can assure callback data will not be NULL when vblank is disable.

Reference

https://git.kernel.org/stable/c/3a4027b5971fe2a94e32754f007d9d3c12c68ad1 https://git.kernel.org/stable/c/8a265d9838bc3c63579002d55c2b2c655c4f8f26 https://git.kernel.org/stable/c/8a2dbdeccef6de47565638abdf3c25f41cdffc37 https://git.kernel.org/stable/c/b74d921b900b6ce38c6247c0a1c86be9f3746493

Share on: