CVE-2022-50173

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0-rc2-15930-g875cc8bc536a

Description The issue is related to the Linux kernel, specifically with the drm/msm/mdp5 module. It involves a problem with the global state lock backoff, where the lock is not grabbed after an early return in certain cases, potentially leading to contention. This issue was flagged by the CONFIG DRM DEBUG MODESET LOCK configuration in CI, resulting in a warning message. The problem is associated with the drm modeset lock function and affects the mdp5 get global state, mdp5 pipe release, and mdp5 plane atomic check functions.

Recommendations For Linux kernel versions prior to 5.19.0-rc2-15930-g875cc8bc536a, consider applying the patch that fixes the global state lock backoff issue in the drm/msm/mdp5 module. As a temporary workaround, consider disabling the drm modeset lock function until a patch is available. Restrict access to the vulnerable module mdp5 to minimize the risk of exploitation. Avoid using the mdp5 get global state and mdp5 pipe release functions in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.