CVE intelligence and bounded remediation

CVE-2022-49483 — Linux Linux Kernel security vulnerability

Medium CVSS 5.5

In the Linux kernel, the following vulnerability has been resolved: drm/msm/disp/dpu1: avoid clearing hw interrupts if hw_intr is null during drm uninit If edp modeset init is failed due to panel being not ready and probe defers during drm bind, avoid clearing irqs and dereference hw_intr when hw_intr is null. BUG: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 Call trace: dpu_core_irq_uninstall+0x50/0xb0 dpu_irq_uninstall+0x18/0x24 msm_drm_uninit+0xd8/0x16c msm_drm_bind+0x580/0x5fc try_to_bring_up_master+0x168/0x1c0 __component_add+0xb4/0x178 component_add+0x1c/0x28 dp_display_probe+0x38c/0x400 platform_probe+0xb0/0xd0 really_probe+0xcc/0x2c8 __driver_probe_device+0xbc/0xe8 driver_probe_device+0x48/0xf0 __device_attach_driver+0xa0/0xc8 bus_for_each_drv+0x8c/0xd8 __device_attach+0xc4/0x150 device_initial_probe+0x1c/0x28 Changes in V2: - Update commit message and coreect fixes tag. Patchwork: https://patchwork.freedesktop.org/patch/484430/

Severity
Medium
CVSS
5.5 (3.1)
Published
2025-02-26
CISA KEV
Not currently listed
Ecosystem
linux/kernel
Weaknesses
CWE-476

Affected products

  • linux / linux_kernel

Showing 1 representative product identities from 2 source matches. Confirm exact affected versions with the linked vendor and NVD evidence.

Matched remediation archetype

Buffer bounds, memory safety, and memory corruption

This catalog composition supplies bounded fallback guidance. Explicitly reviewed curated workflows load with the complete record below.

Check exposure

  • Identify affected native-code versions, build flags, architectures, parsers, codecs, drivers, and input paths in all shipped artifacts.
  • Determine whether untrusted data reaches the affected routine and the process privilege, sandbox, and network exposure.
  • Confirm statically linked, vendored, firmware, and platform-provided copies, not only package-manager records.

Remediate safely

  • Apply the maintained upstream correction or replace the affected component, then rebuild every dependent artifact from clean inputs.
  • Adopt bounds-checked interfaces, validated sizes and integer conversions, clear ownership, and memory-safe components where practical.
  • Enable supported compiler and runtime hardening and add sanitized tests and fuzz regression seeds derived from non-weaponized fixtures.

Authoritative sources

Complete CVE record and remediation plan

The detailed catalog view below loads this exact record, its source evidence, and the full seven-phase agentic change plan.