CVE-2022-50360 in Linux
Summary
by MITRE • 09/17/2025
In the Linux kernel, the following vulnerability has been resolved:
drm/msm/dp: fix aux-bus EP lifetime
Device-managed resources allocated post component bind must be tied to the lifetime of the aggregate DRM device or they will not necessarily be released when binding of the aggregate device is deferred.
This can lead to resource leaks or failure to bind the aggregate device when binding is later retried and a second attempt to allocate the resources is made.
For the DP aux-bus, an attempt to populate the bus a second time will simply fail ("DP AUX EP device already populated").
Fix this by tying the lifetime of the EP device to the DRM device rather than DP controller platform device.
Patchwork: https://patchwork.freedesktop.org/patch/502672/
Analysis
by VulDB Data Team • 12/27/2025
The vulnerability CVE-2022-50360 resides within the Linux kernel's display subsystem, specifically affecting the drm/msm/dp driver component responsible for managing display port auxiliary buses. This issue represents a resource management flaw that occurs during the dynamic binding process of display devices, where device-managed resources are improperly associated with the wrong lifecycle context. The vulnerability stems from the incorrect association of endpoint device lifetimes with platform devices rather than the aggregate DRM device, creating a fundamental mismatch in how system resources are tracked and released during device binding operations.
The technical flaw manifests when component binding occurs in a specific sequence where device-managed resources are allocated after the initial component binding phase. These resources become orphaned when the aggregate DRM device binding is deferred, as they are not properly tied to the DRM device's lifecycle. This misalignment causes a cascade of issues where the system fails to release allocated resources correctly, leading to resource leaks that accumulate over time. The problem becomes particularly critical when binding operations are retried, as the second attempt to allocate resources fails with the specific error message "DP AUX EP device already populated," indicating that the system cannot properly reinitialize the auxiliary bus endpoint.
The operational impact of this vulnerability extends beyond simple resource leaks to potentially catastrophic device binding failures. When the aggregate DRM device binding process is deferred and later retried, the system cannot successfully reinitialize the auxiliary bus endpoint due to the pre-existing resource allocation that was never properly released. This creates a binding loop where the device cannot progress through its initialization sequence, effectively preventing display functionality from working correctly. The vulnerability affects systems using display port controllers where the msm drm driver is employed, particularly impacting mobile and embedded systems that rely on dynamic device binding for power management and device configuration.
Security implications of this vulnerability align with CWE-404, which addresses improper resource management, and can be categorized under ATT&CK technique T1547.001 for privilege escalation through kernel module manipulation. The resource leak aspect creates potential denial of service conditions where display subsystem functionality becomes unavailable, while the binding failure scenario can lead to system instability and potential privilege escalation opportunities if attackers can manipulate the binding sequence. Mitigation strategies should focus on ensuring proper device lifecycle management by tying endpoint device allocations to the DRM device rather than platform devices, as implemented in the patch. System administrators should apply the kernel patch immediately and monitor for resource consumption anomalies in systems running affected kernel versions, particularly in mobile device environments where dynamic binding is more prevalent. The fix addresses the root cause by redefining the resource allocation scope to match the proper device lifecycle boundaries, preventing both resource leaks and binding failures in subsequent retry attempts.
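The lifetime mismatch described above can be reproduced in a small user-space model. This is an added example, not the kernel patch or driver code. The names `struct dev`, `bind_once` and `retry_after_deferral` are hypothetical, and each modelled device holds a single cleanup action that runs only when that device is released.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model (not kernel code): each device holds one cleanup action
 * that runs only when that device itself is released, as with devres. */
struct dev { void (*fn)(void *); void *arg; };
struct aux_bus { bool ep_populated; };
enum { BIND_OK = 0, BIND_DEFERRED = -1, BIND_EP_POPULATED = -2 };

static void dev_release(struct dev *d)
{
    if (d->fn)
        d->fn(d->arg);
    d->fn = NULL;
}

static void aux_depopulate(void *arg) { ((struct aux_bus *)arg)->ep_populated = false; }

/* One bind attempt; `owner` is the device the EP cleanup is registered on.
 * With `defer`, a later bind step fails: the aggregate DRM device is torn
 * down while the DP controller platform device stays bound. */
static int bind_once(struct dev *owner, struct dev *drm, struct aux_bus *aux, bool defer)
{
    if (aux->ep_populated)
        return BIND_EP_POPULATED; /* "DP AUX EP device already populated" */
    aux->ep_populated = true;
    *owner = (struct dev){ aux_depopulate, aux };
    if (defer) {
        dev_release(drm);
        return BIND_DEFERRED;
    }
    return BIND_OK;
}

/* Result of the retry that follows one deferred bind. */
static int retry_after_deferral(bool tie_ep_to_drm)
{
    struct dev platform = {0}, drm = {0};
    struct aux_bus aux = {0};
    struct dev *owner = tie_ep_to_drm ? &drm : &platform;
    bind_once(owner, &drm, &aux, true);
    return bind_once(owner, &drm, &aux, false);
}

int main(void)
{
    printf("EP tied to platform device, retry: %d\n", retry_after_deferral(false));
    printf("EP tied to DRM device, retry:      %d\n", retry_after_deferral(true));
    return 0;
}
```

With the cleanup owned by the platform device, the deferred bind leaves the endpoint populated and the retry fails. With the cleanup owned by the DRM device, the retry succeeds.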