CVE-2022-49335
📋 TL;DR
A NULL pointer dereference vulnerability in the AMD GPU driver for Linux kernel allows local attackers to cause a kernel panic (denial of service) by submitting a command stream with zero chunks. This affects systems with AMD graphics hardware running vulnerable Linux kernel versions.
💻 Affected Systems
- Linux kernel with AMD GPU driver (amdgpu)
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.
Likely Case
Local denial of service through kernel panic when malicious userspace application submits malformed GPU commands.
If Mitigated
Minimal impact with proper access controls preventing unprivileged users from accessing GPU devices.
🎯 Exploit Status
Exploitation requires local access and ability to submit GPU commands through the amdgpu driver interface.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel commits: 15c3bcc9b5349d40207e5f8d4d799b8b4b7d13b8, 20b947e5a3c74c5084d661c097517a554989d462, 31ab27b14daaa75541a415c6794d6f3567fea44a, 70276460e914d560e96bfc208695a872fe9469c9, 7086a23890d255bb5761604e39174b20d06231a4
Vendor Advisory: https://gitlab.freedesktop.org/drm/amd/-/issues/2018
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix. 2. Check distribution-specific security advisories. 3. Reboot system to load patched kernel.
🔧 Temporary Workarounds
Restrict GPU device access
linuxLimit access to GPU devices to prevent unprivileged users from submitting commands.
chmod 600 /dev/dri/renderD*
chmod 600 /dev/dri/card*
Disable amdgpu driver
linuxRemove or blacklist amdgpu kernel module if AMD GPU is not required.
echo 'blacklist amdgpu' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
🧯 If You Can't Patch
- Implement strict access controls on GPU device files (/dev/dri/*)
- Monitor system logs for kernel panic events related to amdgpu driver
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if amdgpu module is loaded: 'uname -r' and 'lsmod | grep amdgpu'Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated beyond vulnerable versions and test with known triggering conditions.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages mentioning 'amdgpu_cs_ioctl'
- NULL pointer dereference errors in kernel logs
- System crash/reboot events
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("amdgpu_cs_ioctl" OR "NULL pointer dereference" OR "kernel panic")🔗 References
- https://git.kernel.org/stable/c/15c3bcc9b5349d40207e5f8d4d799b8b4b7d13b8
- https://git.kernel.org/stable/c/20b947e5a3c74c5084d661c097517a554989d462
- https://git.kernel.org/stable/c/31ab27b14daaa75541a415c6794d6f3567fea44a
- https://git.kernel.org/stable/c/70276460e914d560e96bfc208695a872fe9469c9
- https://git.kernel.org/stable/c/7086a23890d255bb5761604e39174b20d06231a4
- https://git.kernel.org/stable/c/8189f44270db1be78169e11eec51a3eeb980bc63
- https://git.kernel.org/stable/c/aa25acbe96692e4bf8482311c293f72d8c6034c0
- https://git.kernel.org/stable/c/be585921f29df5422a39c952d188b418ad48ffab
- https://git.kernel.org/stable/c/c12984cdb077b9042d2dc20ca18cb16a87bcc774
