Bug 2426170 (CVE-2022-50847)

Summary: CVE-2022-50847 kernel: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A NULL pointer dereference was found in the IT6505 DisplayPort bridge driver. If an HPD interrupt fires before the DRM bridge registration completes, the driver attempts to access an uninitialized AUX channel, causing a kernel crash.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2025-12-30 13:13:53 UTC 
In the Linux kernel, the following vulnerability has been resolved:

drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe

During device boot, the HPD interrupt could be triggered before the DRM
subsystem registers it6505 as a DRM bridge. In such cases, the driver
tries to access AUX channel and causes NULL pointer dereference.
Initializing the AUX channel earlier to prevent such error.
Comment 1 Alexander B 2025-12-31 04:09:19 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025123021-CVE-2022-50847-6766@gregkh/T