CVE-2022-49529

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for the null pointer dereference issue in the drm/amdgpu/pm module.

Description A null pointer dereference issue has been identified in the Linux kernel, specifically in the drm/amdgpu/pm module. This issue occurs when the smu is disabled and the pp funcs is not initialized, leading to a null pointer panic. The problem is triggered when the software smu is not enabled, and the kernel attempts to access an uninitialized pointer. This results in a kernel NULL pointer dereference error.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the null pointer dereference issue in the drm/amdgpu/pm module. As a temporary workaround, consider disabling the amdgpu dpm force performance level function until a patch is available. Restrict access to the vulnerable module amdgpu to minimize the risk of exploitation. Avoid using the affected API endpoints until the issue is resolved.