VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 8, 2025· Updated Apr 15, 2026

CVE-2022-50628

CVE-2022-50628

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/gud: Fix UBSAN warning

UBSAN complains about invalid value for bool:

[ 101.165172] [drm] Initialized gud 1.0.0 20200422 for 2-3.2:1.0 on minor 1 [ 101.213360] gud 2-3.2:1.0: [drm] fb1: guddrmfb frame buffer device [ 101.213426] usbcore: registered new interface driver gud [ 101.989431] ================================================================================ [ 101.989441] UBSAN: invalid-load in linux/include/linux/iosys-map.h:253:9 [ 101.989447] load of value 121 is not a valid value for type '_Bool' [ 101.989451] CPU: 1 PID: 455 Comm: kworker/1:6 Not tainted 5.18.0-rc5-gud-5.18-rc5 #3 [ 101.989456] Hardware name: Hewlett-Packard HP EliteBook 820 G1/1991, BIOS L71 Ver. 01.44 04/12/2018 [ 101.989459] Workqueue: events_long gud_flush_work [gud] [ 101.989471] Call Trace: [ 101.989474] [ 101.989479] dump_stack_lvl+0x49/0x5f [ 101.989488] dump_stack+0x10/0x12 [ 101.989493] ubsan_epilogue+0x9/0x3b [ 101.989498] __ubsan_handle_load_invalid_value.cold+0x44/0x49 [ 101.989504] dma_buf_vmap.cold+0x38/0x3d [ 101.989511] ? find_busiest_group+0x48/0x300 [ 101.989520] drm_gem_shmem_vmap+0x76/0x1b0 [drm_shmem_helper] [ 101.989528] drm_gem_shmem_object_vmap+0x9/0xb [drm_shmem_helper] [ 101.989535] drm_gem_vmap+0x26/0x60 [drm] [ 101.989594] drm_gem_fb_vmap+0x47/0x150 [drm_kms_helper] [ 101.989630] gud_prep_flush+0xc1/0x710 [gud] [ 101.989639] ? _raw_spin_lock+0x17/0x40 [ 101.989648] gud_flush_work+0x1e0/0x430 [gud] [ 101.989653] ? __switch_to+0x11d/0x470 [ 101.989664] process_one_work+0x21f/0x3f0 [ 101.989673] worker_thread+0x200/0x3e0 [ 101.989679] ? rescuer_thread+0x390/0x390 [ 101.989684] kthread+0xfd/0x130 [ 101.989690] ? kthread_complete_and_exit+0x20/0x20 [ 101.989696] ret_from_fork+0x22/0x30 [ 101.989706] [ 101.989708] ================================================================================

The source of this warning is in iosys_map_clear() called from dma_buf_vmap(). It conditionally sets values based on map->is_iomem. The iosys_map variables are allocated uninitialized on the stack leading to ->is_iomem having all kinds of values and not only 0/1.

Fix this by zeroing the iosys_map variables.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A UBSAN warning in the Linux kernel's GUD driver reveals an invalid boolean load, indicating a potential memory corruption or undefined behavior issue.

Vulnerability

Overview

CVE-2022-50628 is a vulnerability in the Linux kernel's GUD (Generic USB Display) driver, specifically in the iosys-map.h header file. The issue manifests as a UBSAN (Undefined Behavior Sanitizer) warning about an invalid boolean value load, where a value of 121 is loaded as a _Bool type, which is undefined behavior. This occurs in the dma_buf_vmap function called from iosys_map_clear()_map_clear(), as shown in the kernel log trace [1].

Exploitation and

Attack Surface

The vulnerability is triggered during normal operation of the GUD driver, specifically in the gud_flush_work workqueue handler. The attack surface is local, requiring access to a system with the GUD driver loaded and a USB display device connected. No special privileges are needed beyond normal user access to trigger the UBSAN warning, but exploitation for memory corruption would require further analysis. The warning appears in kernel 5.18.0-rc5, indicating it affects recent kernel versions at the time of discovery [1].

Impact

The primary impact is a kernel UBSAN warning, which indicates undefined behavior that could potentially lead to memory corruption or system instability. While the immediate effect is a warning message, the underlying issue of loading an invalid boolean value could be exploited to cause a denial of service or potentially escalate privileges if the undefined behavior is leveraged. The vulnerability is classified with a CVSS score of 5.5 (medium severity), reflecting the local attack vector and potential for denial of service disruption [1].

Mitigation

Status

The fix for this vulnerability is included in the Linux kernel stable tree, as referenced in the commit e1078b270d218f8d58efb4d78ea25a4d16ba3490. Users are advised to update to a kernel version containing this patch. No workaround is available other than applying the kernel update. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog) as of the publication date [1].

References
  1. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

3
832f861a4603
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
e1078b270d21
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
951df98024f7
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.