CVE-2022-49165
📋 TL;DR
A NULL pointer dereference vulnerability in the Linux kernel's i.MX JPEG decoder driver allows local attackers to crash the system by triggering a kernel panic. This affects systems using the media: imx-jpeg driver with specific buffer configurations. The vulnerability requires local access to trigger.
💻 Affected Systems
- Linux kernel with i.MX JPEG decoder driver (media: imx-jpeg)
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local denial of service causing kernel panic and system crash, potentially leading to data loss or service disruption.
Likely Case
Local denial of service through kernel panic when malicious applications trigger the specific buffer mismatch condition.
If Mitigated
No impact if patched or if the vulnerable driver isn't loaded/used.
🎯 Exploit Status
Exploitation requires local access and ability to trigger specific buffer configuration mismatch in the JPEG decoder.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits: 417591a766b3c040c346044541ff949c0b2bb7b2, 4eb591c47c82a6a6ad293ed108c3cb77115fbc25, 8d075ede7d24f19dc817c5bd517a53f0524f9031, or eff76b180751e5e55c872d17755680c3b83ba9ab
Vendor Advisory: https://git.kernel.org/stable/c/417591a766b3c040c346044541ff949c0b2bb7b2
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Reboot system to load patched kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable imx-jpeg module
linuxPrevent loading of vulnerable driver module
echo 'blacklist imx_jpeg' >> /etc/modprobe.d/blacklist-imx-jpeg.conf
rmmod imx_jpeg
🧯 If You Can't Patch
- Restrict local user access to systems using the vulnerable driver
- Implement strict application control to prevent untrusted applications from using JPEG decoding functionality
🔍 How to Verify
Check if Vulnerable:
Check if imx-jpeg module is loaded: lsmod | grep imx_jpeg AND check kernel version against patched versionsCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits and imx-jpeg module loads without issues📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs mentioning 'NULL pointer dereference' in mxc_jpeg_addrs
- System crash/reboot events
SIEM Query:
event_type:"kernel_panic" AND message:"NULL pointer dereference" AND message:"mxc_jpeg_addrs"