CVE-2022-49163

High

Published: 26 February 2025
Modified: 23 September 2025
KEV Added:
Patch:
CVSS Score: 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H)
EPSS Score: 0.0007 (22.0th percentile)
Risk Priority: 14 (60% EPSS · 20% KEV · 20% CVSS)

Description

In the Linux kernel, the following vulnerability has been resolved:

media: imx-jpeg: fix a bug of accessing array out of bounds

When an error occurs in parsing jpeg, the slot isn't acquired yet, and it may be the default value MXC_MAX_SLOTS. If the driver accesses the slot using the incorrect slot number, it will access the array out of bounds. The result is that the driver will change num_domains, which follows slot_data in struct mxc_jpeg_dev. Then the driver won't detach the pm domain at rmmod, which will lead to a kernel panic when trying to insmod again.

Security Summary

CVE-2022-49163 is a vulnerability in the Linux kernel's media subsystem, specifically the imx-jpeg driver, involving an out-of-bounds array access (CWE-125). The issue arises when an error occurs during JPEG parsing before a slot is properly acquired, leaving the slot value at its default MXC_MAX_SLOTS. Accessing the slot with this incorrect value leads to out-of-bounds read and write, corrupting the adjacent num_domains field in the mxc_jpeg_dev structure.
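
The layout problem and a bounds guard, as an added example (a simplified user-space model, not the driver's code and not the upstream patch). The struct and field names other than slot_data, num_domains and MXC_MAX_SLOTS are hypothetical, and the value 4 for MXC_MAX_SLOTS is a model value chosen for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define MXC_MAX_SLOTS 4u   /* model value; also the "no slot yet" default */

struct model_slot { int used; int desc; };   /* hypothetical fields */

struct model_jpeg_dev {                      /* simplified stand-in for mxc_jpeg_dev */
    struct model_slot slot_data[MXC_MAX_SLOTS];
    int num_domains;                         /* follows slot_data, as described */
};

/* Byte offset that slot_data[slot].used resolves to, computed without touching memory. */
size_t slot_used_offset(unsigned int slot)
{
    return offsetof(struct model_jpeg_dev, slot_data)
         + (size_t)slot * sizeof(struct model_slot)
         + offsetof(struct model_slot, used);
}

/* Guarded release: refuse any index that is not a real slot. */
bool release_slot_checked(struct model_jpeg_dev *dev, unsigned int slot)
{
    if (slot >= MXC_MAX_SLOTS)
        return false;                        /* parse failed before a slot was acquired */
    dev->slot_data[slot].used = 0;
    return true;
}

/* Error path: slot still holds its default; num_domains must survive cleanup. */
int num_domains_after_failed_parse(void)
{
    struct model_jpeg_dev dev = { .num_domains = 2 };
    unsigned int slot = MXC_MAX_SLOTS;       /* default value, never acquired */
    release_slot_checked(&dev, slot);
    return dev.num_domains;
}

int main(void)
{
    printf("slot_data[MXC_MAX_SLOTS].used -> offset %zu, num_domains at %zu\n",
           slot_used_offset(MXC_MAX_SLOTS),
           offsetof(struct model_jpeg_dev, num_domains));
    printf("num_domains after guarded cleanup: %d\n", num_domains_after_failed_parse());
    return 0;
}
```

In this model the two printed offsets are equal, which is why an unguarded write through the default index changes num_domains instead of a slot.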

A local attacker with low privileges (PR:L) can exploit this vulnerability with low attack complexity (AC:L) and no user interaction (UI:N), as indicated by its CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H). By triggering a JPEG parsing error in the imx-jpeg driver, the attacker corrupts the num_domains field, which prevents proper detachment of the power management domains during module removal (rmmod). The result is a kernel panic when the module is loaded again (insmod). Given the high confidentiality and availability impacts in the vector, the potential outcomes are denial of service or unauthorized data access.

Mitigation involves applying upstream patches from the Linux kernel stable repository, including commits 02f9f97d54ffc85b50ad77f5b1f3c8f69cd17747, 20c8b90430c5d6c4a3936eaa7c35aac670581487, 97558d170a1236280407e8d29a7d095d2c2ed554, and e209e6db2e527db6a93b14c2deedf969caca78fc, which fix the slot validation and bounds checking in the driver. Security practitioners should ensure affected systems update to kernels incorporating these fixes.

Details

CWE(s)
CWE-125

Affected Products

linux
linux kernel
5.13 — 5.15.33 · 5.16 — 5.16.19 · 5.17 — 5.17.2
