CVE-2022-50010

Source
https://cve.org/CVERecord?id=CVE-2022-50010
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50010.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-50010
Downstream
Related
Published
2025-06-18T11:01:15.030Z
Modified
2026-07-08T06:46:56.597816331Z
Summary
video: fbdev: i740fb: Check the argument of i740_calc_vclk()
Details

In the Linux kernel, the following vulnerability has been resolved:

video: fbdev: i740fb: Check the argument of i740calcvclk()

Since the user can control the arguments of the ioctl() from the user space, under special arguments that may result in a divide-by-zero bug.

If the user provides an improper 'pixclock' value that makes the argumet of i740calcvclk() less than 'I740RFREQFIX', it will cause a divide-by-zero bug in: drivers/video/fbdev/i740fb.c:353 pbest = min(15, ilog2(I740MAXVCOFREQ / (freq / I740RFREQFIX)));

The following log can reveal it:

divide error: 0000 [#1] PREEMPT SMP KASAN PTI RIP: 0010:i740calcvclk drivers/video/fbdev/i740fb.c:353 [inline] RIP: 0010:i740fbdecodevar drivers/video/fbdev/i740fb.c:646 [inline] RIP: 0010:i740fbsetpar+0x163f/0x3b70 drivers/video/fbdev/i740fb.c:742 Call Trace: fbsetvar+0x604/0xeb0 drivers/video/fbdev/core/fbmem.c:1034 dofbioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110 fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189

Fix this by checking the argument of i740calcvclk() first.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50010.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5350c65f4f15bbc111ffa629130d3f32cdd4ccf6
Fixed
59cefb583c984c0da8cf21a4c57d26d5a20dff5c
Fixed
656689cb03ada4650016c153346939a1c334b1ae
Fixed
d2d375eb68b4b8de6ea7460483a26fa9de56b443
Fixed
2b7f559152a33c55f51b569b22efbe5e24886798
Fixed
4b20c61365140d432dee7da7aa294215e7b900d9
Fixed
e740e787f06671455b59d1e498c9945f7b4e7b3b
Fixed
f350812e2d15278f1d867eeb997407782234fb3c
Fixed
40bf722f8064f50200b8c4f8946cd625b441dda9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50010.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
3.4.0
Fixed
4.9.326
Type
ECOSYSTEM
Events
Introduced
4.10.0
Fixed
4.14.291
Type
ECOSYSTEM
Events
Introduced
4.15.0
Fixed
4.19.256
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.211
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.138
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.63
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.19.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50010.json"