CVE-2022-49125 – This CVE describes a NULL pointer dereference v... (How to Fix)

Q: What is the severity of CVE-2022-49125?

CVE-2022-49125 has a CVSS score of 5.5 (MEDIUM). This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's SPRD DRM driver. If exploited, it could cause a kernel panic or system crash. Systems using affected Linux kernel versions with SPRD DRM driver enabled are vulnerable.

📋 TL;DR

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's SPRD DRM driver. If exploited, it could cause a kernel panic or system crash. Systems using affected Linux kernel versions with SPRD DRM driver enabled are vulnerable.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific affected versions not explicitly stated in CVE, but patches exist in stable kernel trees

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ✅ No

Notes: Only vulnerable if SPRD DRM driver is enabled and loaded. This is a specific display driver for Spreadtrum SoCs.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially requiring physical access to restart the system.

🟠

Likely Case

System crash or kernel panic resulting in temporary denial of service until system reboot.

🟢

If Mitigated

No impact if the vulnerable driver is not loaded or system has proper kernel protections.

🌐 Internet-Facing: LOW - This requires local access or ability to trigger the vulnerable kernel code path.

🏢 Internal Only: MEDIUM - Local users or processes could potentially trigger the vulnerability to cause denial of service.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and ability to trigger the sprd_drm_shutdown function with NULL drm pointer.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (commits 8668658aebb0a19d877d5a81c004baf716c4aaa6 and c3acc8db1bc221604e2db9807f01d8a44b97a64d)

Vendor Advisory: https://git.kernel.org/stable/c/8668658aebb0a19d877d5a81c004baf716c4aaa6

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify SPRD DRM driver is not causing issues.

🔧 Temporary Workarounds

Disable SPRD DRM driver

linux

Prevent loading of vulnerable driver module

echo 'blacklist sprd-drm' >> /etc/modprobe.d/blacklist.conf
rmmod sprd-drm

🧯 If You Can't Patch

Ensure only trusted users have local access to affected systems
Implement kernel hardening features like KASLR and strict memory protections

🔍 How to Verify

Check if Vulnerable:

Check if SPRD DRM driver is loaded: lsmod | grep sprd-drm AND check kernel version against patched versions

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and SPRD DRM driver loads without errors in dmesg

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
NULL pointer dereference errors in dmesg/kernel logs
System crash reports

Network Indicators:

None - local vulnerability

SIEM Query:

search 'kernel panic' OR 'NULL pointer dereference' OR 'sprd_drm' in system logs

📊 Metadata

CVE ID: CVE-2022-49125

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.03% exploit probability (8.9th percentile)

Published: February 26, 2025

Last Updated: October 1, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-49125, you might also want to check these: