CVE-2022-48849: drm/amdgpu: bypass tiling flag check in virtual display case (v2)
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: bypass tiling flag check in virtual display case (v2)
vkms leverages common amdgpu framebuffer creation, and
also as it does not support FB modifier, there is no need
to check tiling flags when initing framebuffer when virtual
display is enabled.
This can fix below calltrace:
amdgpu 0000:00:08.0: GFX9+ requires FB check based on format modifier
WARNING: CPU: 0 PID: 1023 at drivers/gpu/drm/amd/amdgpu/amdgpu_display.c:1150 amdgpu_display_framebuffer_init+0x8e7/0xb40 [amdgpu]
v2: check adev->enable_virtual_display instead as vkms can be
enabled in bare metal as well.
Security readout for executives and security teams
Plain-English summary
This Linux kernel issue affects AMD GPU virtual display handling. The public record describes a warning/calltrace caused by an inappropriate framebuffer tiling check, not a clearly documented data breach or remote compromise path.
Executive priority
Track and patch through normal kernel maintenance unless local validation shows affected AMDGPU virtual display usage or operational instability. No source provided evidence of active attacks.
Technical view
In amdgpu framebuffer initialization, GFX9+ tiling flag checks were applied even when virtual display was enabled. Because vkms does not support framebuffer modifiers, the kernel fix bypasses that check when adev->enable_virtual_display is set.
Likely exposure
Exposure appears limited to Linux systems running affected 5.16/5.17-era kernels with amdgpu virtual display or vkms-related paths. Downstream distributions may have backported fixes, so exact package verification is required.
Exploitation context
The supplied sources do not show active exploitation, KEV listing, exploit availability, CVSS scoring, or a clear security impact beyond the documented kernel warning/calltrace.
Researcher notes
Evidence is sparse: no CWE, CVSS, exploit status, or detailed impact statement is provided. The fix is narrowly scoped to amdgpu virtual display framebuffer initialization behavior.
Mitigation direction
Check vendor kernel advisories for CVE-2022-48849 coverage.
Update to a kernel package containing the cited stable fixes.
Prioritize systems using AMDGPU virtual display or vkms paths.
Avoid direct deployment changes without normal kernel testing.
Validation and detection
Inventory Linux kernel versions and amdgpu module usage.
Check distribution changelogs for the cited stable commit IDs.
Review kernel logs for the documented amdgpu framebuffer warning.
Confirm whether virtual display is enabled on AMDGPU systems.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cve · low confidence lookup
CVE-2022-48849 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.