[Suggested description] An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference. ------------------------------------------ [VulnerabilityType Other] NULL Pointer Dereference ------------------------------------------ [Vendor of Product] the development group ------------------------------------------ [Affected Product Code Base] Linux kernel - 5.16-rc6 ------------------------------------------ [Reference] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.19-rc2&id=73c3ed7495c67b8fbdc31cf58e6ca8757df31a33 ------------------------------------------ [Discoverer] Jiasheng Jiang
Upstream commit: https://github.com/torvalds/linux/commit/73c3ed7495c67b8fbdc31cf58e6ca8757df31a33
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-3115
Hello, given comment 2 limits the scope to ARM but does not rule out that the code is in the RHEL kernel, shouldn't this be reopened for proper investigation of the situation in RHEL aarch64 versions? Thank you, Jan