In the Linux kernel, the following vulnerability has been resolved:
drm/mediatek: dp: drmerr => deverr in HPD path to avoid NULL ptr
The function mtkdpwaithpdasserted() may be called before the
mtk_dp->drm_dev
pointer is assigned in mtkdpbridgeattach().
Specifically it can be called via this callpath:
- mtkedpwaithpdasserted
- [panel probe]
- dpauxepprobe
Using "drm" level prints anywhere in this callpath causes a NULL pointer dereference. Change the error message directly in mtkdpwaithpdasserted() to deverr() to avoid this. Also change the error messages in mtkdpparsecapabilities(), which is called by mtkdpwaithpdasserted().
While touching these prints, also add the error code to them to make future debugging easier.