CVE-2022-49189 – A Linux kernel vulnerability in the Qualcomm cl... (How to Fix)

Q: What is the severity of CVE-2022-49189?

CVE-2022-49189 has a CVSS score of 5.5 (MEDIUM). A Linux kernel vulnerability in the Qualcomm clock controller driver (clk-rcg2) allows underflow errors when calculating display pixel clock values. This affects systems with newer Qualcomm platforms using specific M/N ratios, potentially causing display issues or system instability. Only Linux systems with Qualcomm hardware and affected kernel versions are impacted.

📋 TL;DR

A Linux kernel vulnerability in the Qualcomm clock controller driver (clk-rcg2) allows underflow errors when calculating display pixel clock values. This affects systems with newer Qualcomm platforms using specific M/N ratios, potentially causing display issues or system instability. Only Linux systems with Qualcomm hardware and affected kernel versions are impacted.

💻 Affected Systems

Products:

Linux kernel with Qualcomm clock controller driver

Versions: Kernel versions before the fix commits (specific versions vary by distribution)

Operating Systems: Linux distributions running on Qualcomm hardware

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with Qualcomm SoCs using the clk-rcg2 driver and specific display configurations requiring M/N = 2/3 ratios.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic or system crash leading to denial of service, potentially requiring physical access to restart affected devices.

🟠

Likely Case

Display corruption, flickering, or failure to initialize display hardware on affected Qualcomm-based devices.

🟢

If Mitigated

Minor display artifacts or no visible impact if the vulnerable code path isn't triggered by specific clock configurations.

🌐 Internet-Facing: LOW - This is a local hardware driver issue not directly exploitable over network.

🏢 Internal Only: MEDIUM - Affects system stability but requires local access or specific hardware conditions to trigger.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: NO

Unauthenticated Exploit: ✅ No

Complexity: HIGH

Exploitation requires specific hardware conditions and kernel access; more likely to be triggered accidentally than maliciously.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 334720f418f57b1d969dad2117b21f9388cb9395, 34dca60982e93e69ae442aa2d36ce61c9a3bb563, 52592f9afbfe01bce8f8953e4f19cbe3bcbdbd3a, 58922910add18583d5273c2edcdb9fd7bf4eca02, 96888f0dcf351e758b9df57e015a48427ca709c1

Vendor Advisory: https://git.kernel.org/stable/c/334720f418f57b1d969dad2117b21f9388cb9395

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. For distributions: Use package manager (apt/yum/dnf) to update kernel package. 3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Avoid specific display configurations

linux

Prevent using display modes that trigger the M/N = 2/3 ratio requirement

🧯 If You Can't Patch

Monitor system logs for display driver errors or kernel panics
Avoid hardware/display configurations known to trigger the issue on affected Qualcomm platforms

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if Qualcomm clk-rcg2 driver is loaded: lsmod | grep clk_rcg2 && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits or is newer than vulnerable versions

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
Display driver errors in dmesg
Clock controller underflow warnings

SIEM Query:

source="kernel" AND ("clk-rcg2" OR "underflow" OR "display panic")

📊 Metadata

CVE ID: CVE-2022-49189

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score: 0.04% exploit probability (12.7th percentile)

Published: February 26, 2025

Last Updated: October 21, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON