CVE-2022-50560

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19-rc6-lrmbkasan+

Description The Linux kernel has a flaw within the drm/meson subsystem. Specifically, the failure to call component master del when unloading the meson drm module causes the aggregate device to remain indefinitely in the global aggregate devices list. This issue occurs when unloading and reloading the meson dw hdmi module, leading to a use-after-free condition when component add calls try to bring up aggregate device and encounters the unbound meson drm aggregate device. This dereferencing of freed memory results in a kernel crash. The crash report indicates a read of size 8 at an invalid memory address.

Recommendations Update to a newer version of the Linux kernel that addresses this issue.