CVE-2022-48987

But that assumed that userspace would correctly fill in the front porch, backporch and sync values, but sometimes all you know is the total blanking, which is then assigned to just one of these fields.

And that can fail with these checks.

So instead set a maximum for the total horizontal and vertical blanking and check that each field remains below that.

That is still sufficient to avoid integer overflows, but it also allows for more flexibility in how userspace fills in these fields.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

15ded23db134da975b49ea99770de0346c193b24

Fixed

0d73b49c4037199472b29574ae21c21aef493971

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

3d43b2b8a3cdadd6cef9ac8ef5d156b6214a01c8

Fixed

a2b56627c0d13009e02f6f2c0206c0451ed19a0e

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

9cf9211635b68e8e0c8cb88d43ca7dc83e4632aa

Fixed

2572ab14b73aa45b6ae7e4c089ccf119fed5cf89

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

b4a3a01762ae072c7f6ff2ff53b5019761288346

Fixed

4afc77068e36cee45b39d4fdc7513de26980f72c

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

683015ae163481457a16fad2317af66360dc4762

Fixed

32f01f0306a98629508f84d7ef0d1d037bc274a2

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

491c0959f01d87bcbd5a1498bc70e0a3382c65a8

Fixed

6fb8bc29bfa80707994a63cc97e2f9920e0b0608

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

dc7276c3f6ca008be1faf531f84b49906c9bcf7f

Fixed

d3d14cdf1c7ae2caa3e999bae95ba99e955fb7c3

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4b6d66a45ed34a15721cb9e11492fa1a24bc83df

Fixed

5eef2141776da02772c44ec406d6871a790761ee

Affected versions

v4.*

v4.14.298

v4.14.299

v4.14.300

v4.14.301

v4.19.264

v4.19.265

v4.19.266

v4.19.267

v4.19.268

v4.9.332

v4.9.333

v4.9.334

v4.9.335

v5.*

v5.10.153

v5.10.154

v5.10.155

v5.10.156

v5.10.157

v5.10.158

v5.15.77

v5.15.78

v5.15.79

v5.15.80

v5.15.81

v5.15.82

v5.4.223

v5.4.224

v5.4.225

v5.4.226

v6.*

v6.0.10

v6.0.11

v6.0.12

v6.0.7

v6.0.8

v6.0.9

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "55164845505937164073312492451268952517",
                "259360007680926913644079619342722967724",
                "126692221774240465692008525317756816544",
                "69164972677419014940553782638773398995",
                "289596351781575252184041980463042747690",
                "311755700945322801236645702283898545778",
                "262203089117455287595061942210111898538",
                "123857164682405855696798650898984225002",
                "232106759265095900075901180284902373801",
                "87186282690157672821661343360113172711",
                "317377435565282721975003857756426193866",
                "314097317042825353396934133530141256748",
                "305452558972456389917805171319089484369",
                "192511037506738574085974968365549446798",
                "241062398826369397876636144137525355479"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2022-48987-151b1edf",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2572ab14b73aa45b6ae7e4c089ccf119fed5cf89",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 1323.0,
            "function_hash": "24552138738169863162938895238603598896"
        },
        "signature_type": "Function",
        "id": "CVE-2022-48987-4ad08ad8",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c",
            "function": "v4l2_valid_dv_timings"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5eef2141776da02772c44ec406d6871a790761ee",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "55164845505937164073312492451268952517",
                "259360007680926913644079619342722967724",
                "126692221774240465692008525317756816544",
                "69164972677419014940553782638773398995",
                "289596351781575252184041980463042747690",
                "311755700945322801236645702283898545778",
                "262203089117455287595061942210111898538",
                "123857164682405855696798650898984225002",
                "232106759265095900075901180284902373801",
                "87186282690157672821661343360113172711",
                "317377435565282721975003857756426193866",
                "314097317042825353396934133530141256748",
                "305452558972456389917805171319089484369",
                "192511037506738574085974968365549446798",
                "241062398826369397876636144137525355479"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2022-48987-4c1baa38",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5eef2141776da02772c44ec406d6871a790761ee",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 1323.0,
            "function_hash": "24552138738169863162938895238603598896"
        },
        "signature_type": "Function",
        "id": "CVE-2022-48987-4d804d16",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c",
            "function": "v4l2_valid_dv_timings"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4afc77068e36cee45b39d4fdc7513de26980f72c",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "55164845505937164073312492451268952517",
                "259360007680926913644079619342722967724",
                "126692221774240465692008525317756816544",
                "69164972677419014940553782638773398995",
                "289596351781575252184041980463042747690",
                "311755700945322801236645702283898545778",
                "262203089117455287595061942210111898538",
                "123857164682405855696798650898984225002",
                "232106759265095900075901180284902373801",
                "87186282690157672821661343360113172711",
                "317377435565282721975003857756426193866",
                "314097317042825353396934133530141256748",
                "305452558972456389917805171319089484369",
                "192511037506738574085974968365549446798",
                "241062398826369397876636144137525355479"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2022-48987-68c863c6",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a2b56627c0d13009e02f6f2c0206c0451ed19a0e",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "55164845505937164073312492451268952517",
                "259360007680926913644079619342722967724",
                "126692221774240465692008525317756816544",
                "69164972677419014940553782638773398995",
                "289596351781575252184041980463042747690",
                "311755700945322801236645702283898545778",
                "262203089117455287595061942210111898538",
                "123857164682405855696798650898984225002",
                "232106759265095900075901180284902373801",
                "87186282690157672821661343360113172711",
                "317377435565282721975003857756426193866",
                "314097317042825353396934133530141256748",
                "305452558972456389917805171319089484369",
                "192511037506738574085974968365549446798",
                "241062398826369397876636144137525355479"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2022-48987-7375b44b",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d73b49c4037199472b29574ae21c21aef493971",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "55164845505937164073312492451268952517",
                "259360007680926913644079619342722967724",
                "126692221774240465692008525317756816544",
                "69164972677419014940553782638773398995",
                "289596351781575252184041980463042747690",
                "311755700945322801236645702283898545778",
                "262203089117455287595061942210111898538",
                "123857164682405855696798650898984225002",
                "232106759265095900075901180284902373801",
                "87186282690157672821661343360113172711",
                "317377435565282721975003857756426193866",
                "314097317042825353396934133530141256748",
                "305452558972456389917805171319089484369",
                "192511037506738574085974968365549446798",
                "241062398826369397876636144137525355479"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2022-48987-8852fd9f",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4afc77068e36cee45b39d4fdc7513de26980f72c",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "55164845505937164073312492451268952517",
                "259360007680926913644079619342722967724",
                "126692221774240465692008525317756816544",
                "69164972677419014940553782638773398995",
                "289596351781575252184041980463042747690",
                "311755700945322801236645702283898545778",
                "262203089117455287595061942210111898538",
                "123857164682405855696798650898984225002",
                "232106759265095900075901180284902373801",
                "87186282690157672821661343360113172711",
                "317377435565282721975003857756426193866",
                "314097317042825353396934133530141256748",
                "305452558972456389917805171319089484369",
                "192511037506738574085974968365549446798",
                "241062398826369397876636144137525355479"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2022-48987-89bec44a",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@32f01f0306a98629508f84d7ef0d1d037bc274a2",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 1323.0,
            "function_hash": "24552138738169863162938895238603598896"
        },
        "signature_type": "Function",
        "id": "CVE-2022-48987-c7a198af",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c",
            "function": "v4l2_valid_dv_timings"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d3d14cdf1c7ae2caa3e999bae95ba99e955fb7c3",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "55164845505937164073312492451268952517",
                "259360007680926913644079619342722967724",
                "126692221774240465692008525317756816544",
                "69164972677419014940553782638773398995",
                "289596351781575252184041980463042747690",
                "311755700945322801236645702283898545778",
                "262203089117455287595061942210111898538",
                "123857164682405855696798650898984225002",
                "232106759265095900075901180284902373801",
                "87186282690157672821661343360113172711",
                "317377435565282721975003857756426193866",
                "314097317042825353396934133530141256748",
                "305452558972456389917805171319089484369",
                "192511037506738574085974968365549446798",
                "241062398826369397876636144137525355479"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2022-48987-d1e668bc",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d3d14cdf1c7ae2caa3e999bae95ba99e955fb7c3",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "55164845505937164073312492451268952517",
                "259360007680926913644079619342722967724",
                "126692221774240465692008525317756816544",
                "69164972677419014940553782638773398995",
                "289596351781575252184041980463042747690",
                "311755700945322801236645702283898545778",
                "262203089117455287595061942210111898538",
                "123857164682405855696798650898984225002",
                "232106759265095900075901180284902373801",
                "87186282690157672821661343360113172711",
                "317377435565282721975003857756426193866",
                "314097317042825353396934133530141256748",
                "305452558972456389917805171319089484369",
                "192511037506738574085974968365549446798",
                "241062398826369397876636144137525355479"
            ]
        },
        "signature_type": "Line",
        "id": "CVE-2022-48987-d9dc02c1",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6fb8bc29bfa80707994a63cc97e2f9920e0b0608",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 1323.0,
            "function_hash": "24552138738169863162938895238603598896"
        },
        "signature_type": "Function",
        "id": "CVE-2022-48987-e0bdc9d6",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c",
            "function": "v4l2_valid_dv_timings"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a2b56627c0d13009e02f6f2c0206c0451ed19a0e",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 1323.0,
            "function_hash": "24552138738169863162938895238603598896"
        },
        "signature_type": "Function",
        "id": "CVE-2022-48987-e0db02ba",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c",
            "function": "v4l2_valid_dv_timings"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@32f01f0306a98629508f84d7ef0d1d037bc274a2",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 1323.0,
            "function_hash": "24552138738169863162938895238603598896"
        },
        "signature_type": "Function",
        "id": "CVE-2022-48987-e6c09a8e",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c",
            "function": "v4l2_valid_dv_timings"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2572ab14b73aa45b6ae7e4c089ccf119fed5cf89",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 1323.0,
            "function_hash": "24552138738169863162938895238603598896"
        },
        "signature_type": "Function",
        "id": "CVE-2022-48987-e91f2912",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c",
            "function": "v4l2_valid_dv_timings"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6fb8bc29bfa80707994a63cc97e2f9920e0b0608",
        "deprecated": false
    },
    {
        "signature_version": "v1",
        "digest": {
            "length": 1323.0,
            "function_hash": "24552138738169863162938895238603598896"
        },
        "signature_type": "Function",
        "id": "CVE-2022-48987-e9bbe24b",
        "target": {
            "file": "drivers/media/v4l2-core/v4l2-dv-timings.c",
            "function": "v4l2_valid_dv_timings"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d73b49c4037199472b29574ae21c21aef493971",
        "deprecated": false
    }
]

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.9.332

Fixed

4.9.336

Type: ECOSYSTEM
Events: Introduced

4.14.298

Fixed

4.14.302

Type: ECOSYSTEM
Events: Introduced

4.19.264

Fixed

4.19.269

Type: ECOSYSTEM
Events: Introduced

5.4.223

Fixed

5.4.227

Type: ECOSYSTEM
Events: Introduced

5.10.153

Fixed

5.10.159

Type: ECOSYSTEM
Events: Introduced

5.15.77

Fixed

5.15.83

Type: ECOSYSTEM
Events: Introduced

6.0.7

Fixed

6.0.13