CVE-2022-50368: drm/msm/dsi: fix memory corruption with too many bridges
In the Linux kernel, the following vulnerability has been resolved:
drm/msm/dsi: fix memory corruption with too many bridges
Add the missing sanity check on the bridge counter to avoid corrupting
data beyond the fixed-sized bridge array in case there are ever more
than eight bridges.
Patchwork: https://patchwork.freedesktop.org/patch/502668/
Security readout for executives and security teams
Plain-English summary
CVE-2022-50368 is a Linux kernel memory corruption issue in the MSM DSI display bridge handling code. A local user with low privileges could potentially affect confidentiality, integrity, and availability. There is no provided evidence of active exploitation. Business urgency is highest for systems running affected Linux kernels with this driver path enabled.
Executive priority
Treat as a high-priority kernel maintenance item, especially for Linux systems using Qualcomm MSM display components. It requires local access, so it is less urgent than a remote wormable issue, but kernel memory corruption can have serious business impact.
Technical view
The flaw is a CWE-787 out-of-bounds write in drm/msm/dsi. The kernel code lacked a sanity check on a bridge counter, allowing writes beyond a fixed-size bridge array if more than eight bridges are present. CVSS is 7.8: local attack vector, low complexity, low privileges, no user interaction, high CIA impact.
Likely exposure
Exposure appears limited to Linux systems running affected kernel versions and the MSM DSI display bridge code path. The source lists affected Linux kernel ranges and stable kernel fixes, but does not identify specific distributions, devices, or configurations.
Exploitation context
The CVSS vector indicates local, low-privilege exploitation with no user interaction. The source bundle marks CISA KEV as false, and no cited source states active exploitation. Public details describe the bug class and fix, not exploitation in the wild.
Researcher notes
The public record ties the issue to a missing bounds check for a fixed eight-entry bridge array in drm/msm/dsi. Available evidence is sparse: no exploit status, affected distributions, or configuration matrix is provided. Validate exposure through kernel version, configuration, and vendor backport status.
Mitigation direction
Identify Linux kernels in the affected ranges listed for CVE-2022-50368.
Prioritize systems using the drm/msm/dsi driver path.
Update to a kernel containing the referenced stable fixes.
For vendor kernels, follow the distribution or device vendor advisory.
If immediate patching is unavailable, reduce local untrusted access where feasible.
Validation and detection
Check running kernel versions against the CVE affected version data.
Confirm whether the MSM DSI driver is built or loaded.
Verify kernel packages include the referenced upstream stable commits.
Review vendor advisories for backported fixes with different version numbers.
Document systems where exposure cannot be confirmed from available evidence.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cwe · low confidence lookup
CWE-787: Exact CWE lookup
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
1CVSS vectors
3Timeline events
1ADP providers
7Source links
SSVC decision data
CISA-ADPCISA Coordinator
Timestamp
Version
2.0.3
Exploitation: noneAutomatable: noTechnical Impact: total
CVSS vector scores
1 official score
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
CWE-787 · source CWE mapping
Out-of-bounds Write
Out-of-bounds Write represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.