CVE-2022-48756
📋 TL;DR
This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's MSM DSI (Display Serial Interface) driver. The vulnerability occurs when the msm_dsi_phy_enable function uses the 'phy' parameter before performing proper validation, potentially leading to kernel crashes or system instability. This affects systems running vulnerable Linux kernel versions with MSM DSI hardware support.
💻 Affected Systems
- Linux kernel with MSM DSI driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially requiring physical access to restart affected devices.
Likely Case
System instability or crash when specific DSI operations are performed, resulting in temporary denial of service.
If Mitigated
Minimal impact if proper kernel hardening and privilege separation are in place, with crashes contained to affected processes.
🎯 Exploit Status
Exploitation requires ability to trigger the vulnerable DSI function, typically requiring local access or another vulnerability chain.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing the fixes from the provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version. 2. Rebuild kernel if using custom build. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable MSM DSI module
linuxPrevent loading of vulnerable driver module
echo 'blacklist msm_dsi' >> /etc/modprobe.d/blacklist.conf
rmmod msm_dsi
🧯 If You Can't Patch
- Implement strict access controls to prevent unauthorized users from accessing system
- Monitor system logs for kernel panic or crash events related to DSI operations
🔍 How to Verify
Check if Vulnerable:
Check kernel version and verify if MSM DSI driver is loaded: lsmod | grep msm_dsiCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is updated beyond vulnerable commits and test DSI functionality📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- NULL pointer dereference errors in kernel logs
- System crash/reboot events
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("NULL pointer" OR "panic" OR "Oops") AND "msm_dsi"🔗 References
- https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951
- https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7
- https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100
- https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c
- https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe
- https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5
- https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd
- https://git.kernel.org/stable/c/2b7e7df1eacd280e561ede3e977853606871c951
- https://git.kernel.org/stable/c/56480fb10b976581a363fd168dc2e4fbee87a1a7
- https://git.kernel.org/stable/c/581317b1f001b7509041544d7019b75571daa100
- https://git.kernel.org/stable/c/5e761a2287234bc402ba7ef07129f5103bcd775c
- https://git.kernel.org/stable/c/6d9f8ba28f3747ca0f910a363e46f1114856dbbe
- https://git.kernel.org/stable/c/79c0b5287ded74f4eacde4dfd8aa0a76cbd853b5
- https://git.kernel.org/stable/c/ca63eeb70fcb53c42e1fe54e1735a54d8e7759fd
