Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2022-50173

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/06/2025
Last modified:
28/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> drm/msm/mdp5: Fix global state lock backoff<br /> <br /> We need to grab the lock after the early return for !hwpipe case.<br /> Otherwise, we could have hit contention yet still returned 0.<br /> <br /> Fixes an issue that the new CONFIG_DRM_DEBUG_MODESET_LOCK stuff flagged<br /> in CI:<br /> <br /> WARNING: CPU: 0 PID: 282 at drivers/gpu/drm/drm_modeset_lock.c:296 drm_modeset_lock+0xf8/0x154<br /> Modules linked in:<br /> CPU: 0 PID: 282 Comm: kms_cursor_lega Tainted: G W 5.19.0-rc2-15930-g875cc8bc536a #1<br /> Hardware name: Qualcomm Technologies, Inc. DB820c (DT)<br /> pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)<br /> pc : drm_modeset_lock+0xf8/0x154<br /> lr : drm_atomic_get_private_obj_state+0x84/0x170<br /> sp : ffff80000cfab6a0<br /> x29: ffff80000cfab6a0 x28: 0000000000000000 x27: ffff000083bc4d00<br /> x26: 0000000000000038 x25: 0000000000000000 x24: ffff80000957ca58<br /> x23: 0000000000000000 x22: ffff000081ace080 x21: 0000000000000001<br /> x20: ffff000081acec18 x19: ffff80000cfabb80 x18: 0000000000000038<br /> x17: 0000000000000000 x16: 0000000000000000 x15: fffffffffffea0d0<br /> x14: 0000000000000000 x13: 284e4f5f4e524157 x12: 5f534b434f4c5f47<br /> x11: ffff80000a386aa8 x10: 0000000000000029 x9 : ffff80000cfab610<br /> x8 : 0000000000000029 x7 : 0000000000000014 x6 : 0000000000000000<br /> x5 : 0000000000000001 x4 : ffff8000081ad904 x3 : 0000000000000029<br /> x2 : ffff0000801db4c0 x1 : ffff80000cfabb80 x0 : ffff000081aceb58<br /> Call trace:<br /> drm_modeset_lock+0xf8/0x154<br /> drm_atomic_get_private_obj_state+0x84/0x170<br /> mdp5_get_global_state+0x54/0x6c<br /> mdp5_pipe_release+0x2c/0xd4<br /> mdp5_plane_atomic_check+0x2ec/0x414<br /> drm_atomic_helper_check_planes+0xd8/0x210<br /> drm_atomic_helper_check+0x54/0xb0<br /> ...<br /> ---[ end trace 0000000000000000 ]---<br /> drm_modeset_lock attempting to lock a contended lock without backoff:<br /> drm_modeset_lock+0x148/0x154<br /> mdp5_get_global_state+0x30/0x6c<br /> mdp5_pipe_release+0x2c/0xd4<br /> mdp5_plane_atomic_check+0x290/0x414<br /> drm_atomic_helper_check_planes+0xd8/0x210<br /> drm_atomic_helper_check+0x54/0xb0<br /> drm_atomic_check_only+0x4b0/0x8f4<br /> drm_atomic_commit+0x68/0xe0<br /> <br /> Patchwork: https://patchwork.freedesktop.org/patch/492701/

Impact

Vector 3.x
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 5.50 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x
5.50
Severity 3.x
MEDIUM

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.19.247 (including) 4.19.256 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.4.198 (including) 5.4.211 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.10.121 (including) 5.10.137 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.15.46 (including) 5.15.61 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.17.14 (including) 5.18 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.18.3 (including) 5.18.18 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.19 (including) 5.19.2 (excluding)

To consult the complete list of CPE names with products and versions, see this page


References to Advisories, Solutions, and Tools