CVE-2022-49960

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.17.0-rc1

Description A null pointer dereference issue has been identified in the Linux kernel, specifically in the tgl get bw info() function in drivers/gpu/drm/i915/display/intel bw.c. This issue causes a kernel panic and can lead to a crash during boot on affected devices, such as the Asus Chromebook CX550. The root cause is a null pointer dereference of bi next. Technical details about the issue include a null pointer dereference at address 000000000000002e and a call trace that includes functions like intel bw init hw() and i915 driver hw probe().

Recommendations For Linux kernel version 5.17.0-rc1, consider updating to a newer version to resolve the null pointer dereference issue. As a temporary workaround, consider disabling the tgl get bw info() function until a patch is available. Restrict access to the vulnerable module drivers/gpu/drm/i915/display/intel bw.c to minimize the risk of exploitation.