kernel / kernel-source

Clone
Source Code
GIT

Files

  1.   0429ad319e11fd11f882bfa05856b3a176676bd9
  2.   patches.suse
  3.   0001-drm-vmwgfx-Avoid-NULL-ptr-deref-in-vmw_cmd_dx_define.patch
Blob Blame History Raw 
From 905483d9ea93e05d019664b3cfd078870233faaa Mon Sep 17 00:00:00 2001
From: Thomas Zimmermann <tzimmermann@suse.com>
Date: Mon, 20 Feb 2023 10:38:08 +0100
Subject: drm/vmwgfx: Avoid NULL-ptr deref in vmw_cmd_dx_define_query()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Patch-mainline: Never, quick fix for CVE-2022-38096
References: bsc#1203331 CVE-2022-38096

See bsc#1203331.

Suggested-by: Michal Koutný <mkoutny@suse.com>
Signed-off-by: Thomas Zimmermann <tzimmermann@suse.com>
Acked-by: Thomas Zimmermann <tzimmermann@suse.com>
---
 drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c b/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c
index b652822a19671..e3f4da096fd41 100644
--- a/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c
+++ b/drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c
@@ -1266,7 +1266,7 @@ static int vmw_cmd_dx_define_query(struct vmw_private *dev_priv,
 	struct vmw_resource *cotable_res;
 	int ret;
 
-	if (!ctx_node)
+	if (!ctx_node || !ctx_node->ctx)
 		return -EINVAL;
 
 	cmd = container_of(header, typeof(*cmd), header);
-- 
2.39.2
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.