{"id":"CVE-2022-50628","summary":"drm/gud: Fix UBSAN warning","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gud: Fix UBSAN warning\n\nUBSAN complains about invalid value for bool:\n\n[  101.165172] [drm] Initialized gud 1.0.0 20200422 for 2-3.2:1.0 on minor 1\n[  101.213360] gud 2-3.2:1.0: [drm] fb1: guddrmfb frame buffer device\n[  101.213426] usbcore: registered new interface driver gud\n[  101.989431] ================================================================================\n[  101.989441] UBSAN: invalid-load in linux/include/linux/iosys-map.h:253:9\n[  101.989447] load of value 121 is not a valid value for type '_Bool'\n[  101.989451] CPU: 1 PID: 455 Comm: kworker/1:6 Not tainted 5.18.0-rc5-gud-5.18-rc5 #3\n[  101.989456] Hardware name: Hewlett-Packard HP EliteBook 820 G1/1991, BIOS L71 Ver. 01.44 04/12/2018\n[  101.989459] Workqueue: events_long gud_flush_work [gud]\n[  101.989471] Call Trace:\n[  101.989474]  \u003cTASK\u003e\n[  101.989479]  dump_stack_lvl+0x49/0x5f\n[  101.989488]  dump_stack+0x10/0x12\n[  101.989493]  ubsan_epilogue+0x9/0x3b\n[  101.989498]  __ubsan_handle_load_invalid_value.cold+0x44/0x49\n[  101.989504]  dma_buf_vmap.cold+0x38/0x3d\n[  101.989511]  ? find_busiest_group+0x48/0x300\n[  101.989520]  drm_gem_shmem_vmap+0x76/0x1b0 [drm_shmem_helper]\n[  101.989528]  drm_gem_shmem_object_vmap+0x9/0xb [drm_shmem_helper]\n[  101.989535]  drm_gem_vmap+0x26/0x60 [drm]\n[  101.989594]  drm_gem_fb_vmap+0x47/0x150 [drm_kms_helper]\n[  101.989630]  gud_prep_flush+0xc1/0x710 [gud]\n[  101.989639]  ? _raw_spin_lock+0x17/0x40\n[  101.989648]  gud_flush_work+0x1e0/0x430 [gud]\n[  101.989653]  ? __switch_to+0x11d/0x470\n[  101.989664]  process_one_work+0x21f/0x3f0\n[  101.989673]  worker_thread+0x200/0x3e0\n[  101.989679]  ? rescuer_thread+0x390/0x390\n[  101.989684]  kthread+0xfd/0x130\n[  101.989690]  ? kthread_complete_and_exit+0x20/0x20\n[  101.989696]  ret_from_fork+0x22/0x30\n[  101.989706]  \u003c/TASK\u003e\n[  101.989708] ================================================================================\n\nThe source of this warning is in iosys_map_clear() called from\ndma_buf_vmap(). It conditionally sets values based on map-\u003eis_iomem. The\niosys_map variables are allocated uninitialized on the stack leading to\n-\u003eis_iomem having all kinds of values and not only 0/1.\n\nFix this by zeroing the iosys_map variables.","modified":"2026-04-02T08:28:40.000378Z","published":"2025-12-08T01:16:43.390Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50628.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/832f861a46039d50536dcfda0a9fb334b48d0f8b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/951df98024f7272f85df5044eca7374f5b5b24ef"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e1078b270d218f8d58efb4d78ea25a4d16ba3490"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50628.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50628"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"40e1a70b4aedf2859a1829991b48ef0ebe650bf2"},{"fixed":"832f861a46039d50536dcfda0a9fb334b48d0f8b"},{"fixed":"e1078b270d218f8d58efb4d78ea25a4d16ba3490"},{"fixed":"951df98024f7272f85df5044eca7374f5b5b24ef"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50628.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.13.0"},{"fixed":"6.1.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.2.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50628.json"}}],"schema_version":"1.7.5"}