CVE-2022-50368
📋 TL;DR
This CVE describes a memory corruption vulnerability in the Linux kernel's DRM/MSM DSI driver where missing bounds checking allows writing beyond a fixed-size bridge array when more than eight bridges are present. This could allow local attackers to crash the system or potentially execute arbitrary code. Affected systems are those running vulnerable Linux kernel versions with the MSM DSI driver enabled.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Local privilege escalation to kernel-level code execution, leading to complete system compromise.
Likely Case
Kernel panic or system crash causing denial of service.
If Mitigated
Limited impact if proper kernel hardening and privilege separation are in place.
🎯 Exploit Status
Requires local access and ability to trigger the DSI bridge condition. No public exploit code known.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Multiple stable kernel versions with fixes: 21c4679af01f, 2e786eb2f9ce, 4e5587cddb33, 9f035d1fb306, e83b354890a3
Vendor Advisory: https://patchwork.freedesktop.org/patch/502668/
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version. 2. Rebuild kernel if compiling from source. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable MSM DSI driver
linuxRemove or disable the vulnerable driver module if not needed.
modprobe -r msm
echo 'blacklist msm' >> /etc/modprobe.d/blacklist.conf
🧯 If You Can't Patch
- Restrict local user access to systems with vulnerable kernels
- Implement strict kernel module loading policies
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if MSM DSI driver is loaded: 'lsmod | grep msm' and 'uname -r'Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated and driver version includes the patch commit IDs📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- System crashes/panics related to DSI or GPU drivers
Network Indicators:
- None - local exploit only
SIEM Query:
Search for kernel panic logs or DSI driver failure messages🔗 References
- https://git.kernel.org/stable/c/21c4679af01f1027cb559330c2e7d410089b2b36
- https://git.kernel.org/stable/c/2e786eb2f9cebb07e317226b60054df510b60c65
- https://git.kernel.org/stable/c/4e5587cddb334f7a5bb1c49ea8bbfc966fafe1b8
- https://git.kernel.org/stable/c/9f035d1fb30648fe70ee01627eb131c56d699b35
- https://git.kernel.org/stable/c/e83b354890a3c1d5256162f87a6cc38c47ae7f20
- https://git.kernel.org/stable/c/f649ed0e1b7a1545f8e27267d3c468b3cb222ece
