PCI Device Conflict in Linux Kernel through Video/Aperture Interface
CVE-2022-50332
Currently unrated
What is CVE-2022-50332?
A vulnerability in the Linux kernel's video/aperture subsystem can lead to conflicts between simpledrm and hardware drivers during PCI device removal. This occurs when sysfb_disable() is not called, allowing both drivers to bind to simple-framebuffer devices simultaneously, resulting in undefined behavior and potential modesetting errors. The issue was introduced in Linux Kernel version 6.0.3, highlighting the need for careful management of framebuffer ownership in PCI device handling.
Affected Version(s)
Linux cfecfc98a78d97a49807531b5b224459bda877de < 25a6688f27ff54f97adf7cce1d7e18c38bf51eb4
Linux 6.0.3 < 6.0.6