CVE-2022-49827: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability (CVE-2022-49827) was discovered in the Linux kernel's Direct Rendering Manager (DRM) subsystem, specifically affecting the drmvblankdestroy_worker() function. The vulnerability was disclosed and published to the CVE List on May 1, 2025. This security issue involves a potential null pointer dereference in the kernel's DRM subsystem (NVD, Wiz).

The vulnerability occurs in a specific sequence where drmvblankinit() calls drmmaddactionorreset() with drmvblankinitrelease() as action. If _drmmaddaction() fails, it directly calls drmvblankinitrelease() with a vblank whose worker is NULL, resulting in a null pointer dereference in kthreaddestroy_worker(). The vulnerability has been assigned a CVSS v3.1 base score of 5.5, indicating moderate severity (Red Hat).

The vulnerability affects system availability by potentially causing a kernel crash due to the null pointer dereference. The issue has been confirmed to occur in the address range [0x0000000000000068-0x000000000000006f] and can lead to system instability (Red Hat, Wiz).

The vulnerability has been fixed by adding a NULL check before calling drmvblankdestroy_worker(). Red Hat Enterprise Linux 9 has deferred the fix, while versions 6 and 8 are not affected. Version 7 is out of support scope. Ubuntu 20.04 and 22.04 have fixes available (Red Hat, Wiz).