{
  "threat_severity" : "Low",
  "public_date" : "2025-12-30T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback",
    "id" : "2426172",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2426172"
  },
  "cvss3" : {
    "cvss3_base_score" : "2.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-843",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\ndrm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback\nWith clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),\nindirect call targets are validated against the expected function\npointer prototype to make sure the call target is valid to help mitigate\nROP attacks. If they are not identical, there is a failure at run time,\nwhich manifests as either a kernel panic or thread getting killed. A\nproposed warning in clang aims to catch these at compile time, which\nreveals:\ndrivers/gpu/drm/amd/amdgpu/../pm/swsmu/amdgpu_smu.c:3008:29: error: incompatible function pointer types initializing 'int (*)(void *, uint32_t, long *, uint32_t)' (aka 'int (*)(void *, unsigned int, long *, unsigned int)') with an expression of type 'int (void *, enum PP_OD_DPM_TABLE_COMMAND, long *, uint32_t)' (aka 'int (void *, enum PP_OD_DPM_TABLE_COMMAND, long *, unsigned int)') [-Werror,-Wincompatible-function-pointer-types-strict]\n.odn_edit_dpm_table      = smu_od_edit_dpm_table,\n^~~~~~~~~~~~~~~~~~~~~\n1 error generated.\nThere are only two implementations of ->odn_edit_dpm_table() in 'struct\namd_pm_funcs': smu_od_edit_dpm_table() and pp_odn_edit_dpm_table(). One\nhas a second parameter type of 'enum PP_OD_DPM_TABLE_COMMAND' and the\nother uses 'u32'. Ultimately, smu_od_edit_dpm_table() calls\n->od_edit_dpm_table() from 'struct pptable_funcs' and\npp_odn_edit_dpm_table() calls ->odn_edit_dpm_table() from 'struct\npp_hwmgr_func', which both have a second parameter type of 'enum\nPP_OD_DPM_TABLE_COMMAND'.\nUpdate the type parameter in both the prototype in 'struct amd_pm_funcs'\nand pp_odn_edit_dpm_table() to 'enum PP_OD_DPM_TABLE_COMMAND', which\ncleans up the warning.", "A function prototype mismatch was found in the AMD GPU driver's DPM table callbacks. When kCFI (Control Flow Integrity) is enabled, the mismatched types cause CFI validation failures, potentially crashing the kernel." ],
  "statement" : "This issue only manifests when CONFIG_CFI_CLANG is enabled, which is not a common configuration in most distributions. Without CFI enabled, the type mismatch has no runtime impact due to compatible ABI representation.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-11-14T00:00:00Z",
    "advisory" : "RHSA-2023:7077",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-513.5.1.el8_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6583",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-362.8.1.el9_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6583",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-362.8.1.el9_3"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-50844\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-50844\nhttps://lore.kernel.org/linux-cve-announce/2025123020-CVE-2022-50844-64ab@gregkh/T" ],
  "name" : "CVE-2022-50844",
  "csaw" : false
}