CVE-2022-50492
📋 TL;DR
This is a use-after-free vulnerability in the Linux kernel's MSM DRM driver that occurs during device probe deferral. When the kernel tears down and recreates DRM devices due to deferred probing, stale pointers to freed memory structures can be accessed, potentially leading to memory corruption. This affects Linux systems using Qualcomm MSM graphics hardware.
💻 Affected Systems
- Linux kernel with MSM DRM driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel memory corruption leading to system crash, privilege escalation, or arbitrary code execution at kernel level.
Likely Case
System instability, kernel panics, or crashes during device initialization, particularly with multiple display bridges.
If Mitigated
System remains stable with proper patching; unpatched systems may experience crashes during device probe operations.
🎯 Exploit Status
Exploitation requires local access and specific conditions to trigger the use-after-free. The vulnerability occurs during device probe deferral scenarios.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commits 0a30a47741b6df1f9555a0fac6aebb7e8c363bad and 6808abdb33bf90330e70a687d29f038507e06ebb
Vendor Advisory: https://patchwork.freedesktop.org/patch/502665/
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits.
2. For distributions: Use package manager to update kernel package.
3. Reboot system to load patched kernel.
🔧 Temporary Workarounds
Disable MSM DRM module
Prevent loading of the vulnerable MSM DRM driver if not needed
echo 'blacklist msm' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
🧯 If You Can't Patch
- Restrict local user access to systems with MSM hardware
- Monitor system logs for kernel panic or oops messages related to DRM/MSM
🔍 How to Verify
Check if Vulnerable:
Check if MSM DRM module is loaded: lsmod | grep msm. Check kernel version against patched versions.
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes fix commits (run inside a git checkout of the kernel source the running kernel was built from): git log --format=%H | grep -E '0a30a47741b6df1f9555a0fac6aebb7e8c363bad|6808abdb33bf90330e70a687d29f038507e06ebb'
📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- System crashes during device initialization
- DRM/MSM related error messages in dmesg
Network Indicators:
- None - local vulnerability
SIEM Query:
Search for: 'kernel: BUG:', 'kernel: Oops:', 'drm_msm' in system logs
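The log indicators above can be narrowed to crash reports that actually involve the driver. The following is an added example, not part of the original advisory: the function names, the 80-line report cap and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): triage kernel log text for oops/BUG
# reports that involve the MSM DRM driver. Sample lines below are constructed.

# Assumptions: a report starts at a line containing "BUG:" or "Oops:" and ends
# at "---[ end trace" or after 80 lines. "Modules linked in:" is ignored when
# matching, because it lists every loaded module and would make any oops on an
# MSM system look driver-related.
msm_oops_scan() {   # $1 = print | count; kernel log text on stdin
    awk -v mode="$1" -v max=80 '
        function emit() {
            if (hit) { n++; if (mode == "print") printf "%s", buf }
            inrep = 0; hit = 0; len = 0; buf = ""
        }
        !inrep && /BUG:|Oops:/ { inrep = 1 }
        inrep {
            buf = buf $0 "\n"; len++
            if ($0 !~ /Modules linked in:/ && tolower($0) ~ /msm|drm/) hit = 1
            if ($0 ~ /---\[ end trace/ || len >= max) emit()
        }
        END { if (inrep) emit(); if (mode == "count") print n + 0 }
    '
}
msm_oops_reports() { msm_oops_scan print; }
msm_oops_count()   { msm_oops_scan count; }

sample_log() {      # constructed dmesg-style input, not captured from a real system
    cat <<'EOF'
[    3.100000] [drm] constructed informational line outside any report
[    9.200000] BUG: kernel NULL pointer dereference, address: 0000000000000010
[    9.200010] Modules linked in: msm example_net
[    9.200020] Call trace:
[    9.200030]  example_net_poll+0x40/0x100 [example_net]
[    9.200040] ---[ end trace 0000000000000000 ]---
[   12.300000] Internal error: Oops: 0000000096000004 [#1] SMP
[   12.300010] Modules linked in: msm example_net
[   12.300020] Call trace:
[   12.300030]  example_msm_teardown+0x2c/0x80 [msm]
[   12.300040] ---[ end trace 0000000000000000 ]---
EOF
}

sample_log | msm_oops_reports   # prints only the second report
```

On a live system, feed it the kernel log instead of the sample, for example `dmesg | msm_oops_reports` or `journalctl -k | msm_oops_count`.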