{"id":"CVE-2022-49218","summary":"drm/dp: Fix OOB read when handling Post Cursor2 register","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/dp: Fix OOB read when handling Post Cursor2 register\n\nThe link_status array was not large enough to read the Adjust Request\nPost Cursor2 register, so remove the common helper function to avoid\nan OOB read, found with a -Warray-bounds build:\n\ndrivers/gpu/drm/drm_dp_helper.c: In function 'drm_dp_get_adjust_request_post_cursor':\ndrivers/gpu/drm/drm_dp_helper.c:59:27: error: array subscript 10 is outside array bounds of 'const u8[6]' {aka 'const unsigned char[6]'} [-Werror=array-bounds]\n   59 |         return link_status[r - DP_LANE0_1_STATUS];\n      |                ~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~\ndrivers/gpu/drm/drm_dp_helper.c:147:51: note: while referencing 'link_status'\n  147 | u8 drm_dp_get_adjust_request_post_cursor(const u8 link_status[DP_LINK_STATUS_SIZE],\n      |                                          ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nReplace the only user of the helper with an open-coded fetch and decode,\nsimilar to drivers/gpu/drm/amd/display/dc/core/dc_link_dp.c.","modified":"2026-04-02T08:27:24.427516Z","published":"2025-02-26T01:55:51.646Z","related":["SUSE-SU-2025:1027-1","SUSE-SU-2025:1176-1","SUSE-SU-2025:1183-1","SUSE-SU-2025:1241-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49218.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/a2151490cc6c57b368d7974ffd447a8b36ade639"},{"type":"WEB","url":"https://git.kernel.org/stable/c/aeaed9a9fe694f8b1462fb81e2d33298c929180b"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49218.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49218"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"79465e0ffeb9e4866939ea562bc55367be91e595"},{"fixed":"aeaed9a9fe694f8b1462fb81e2d33298c929180b"},{"fixed":"a2151490cc6c57b368d7974ffd447a8b36ade639"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49218.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}]}