ghsa-2p5r-q4hr-3fg4
Vulnerability from github
In the Linux kernel, the following vulnerability has been resolved:
fbdev: fb_pm2fb: Avoid potential divide by zero error
In do_fb_ioctl() of fbmem.c, if cmd is FBIOPUT_VSCREENINFO, var will be
copied from user, then go through fb_set_var() and
info->fbops->fb_check_var() which could may be pm2fb_check_var().
Along the path, var->pixclock won't be modified. This function checks
whether reciprocal of var->pixclock is too high. If var->pixclock is
zero, there will be a divide by zero error. So, it is necessary to check
whether denominator is zero to avoid crash. As this bug is found by
Syzkaller, logs are listed below.
divide error in pm2fb_check_var Call Trace: fb_set_var+0x367/0xeb0 drivers/video/fbdev/core/fbmem.c:1015 do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110 fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189
{
"affected": [],
"aliases": [
"CVE-2022-49978"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-18T11:15:25Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: fb_pm2fb: Avoid potential divide by zero error\n\nIn `do_fb_ioctl()` of fbmem.c, if cmd is FBIOPUT_VSCREENINFO, var will be\ncopied from user, then go through `fb_set_var()` and\n`info-\u003efbops-\u003efb_check_var()` which could may be `pm2fb_check_var()`.\nAlong the path, `var-\u003epixclock` won\u0027t be modified. This function checks\nwhether reciprocal of `var-\u003epixclock` is too high. If `var-\u003epixclock` is\nzero, there will be a divide by zero error. So, it is necessary to check\nwhether denominator is zero to avoid crash. As this bug is found by\nSyzkaller, logs are listed below.\n\ndivide error in pm2fb_check_var\nCall Trace:\n \u003cTASK\u003e\n fb_set_var+0x367/0xeb0 drivers/video/fbdev/core/fbmem.c:1015\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189",
"id": "GHSA-2p5r-q4hr-3fg4",
"modified": "2025-06-18T12:30:39Z",
"published": "2025-06-18T12:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49978"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0f1174f4972ea9fad6becf8881d71adca8e9ca91"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/19f953e7435644b81332dd632ba1b2d80b1e37af"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/34c3dea1189525cd533071ed5c176fc4ea8d982b"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3ec326a6a0d4667585ca595f438c7293e5ced7c4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7d9591b32a9092fc6391a316b56e8016c6181c3d"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7f88cdfea8d7f4dbaf423d808241403b2bb945e4"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/8fc778ee2fb2853f7a3531fa7273349640d8e4e9"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/cb4bb011a683532841344ca7f281b5e04389b4f8"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.