{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2022-50102","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-06-18T10:57:27.412Z","datePublished":"2025-06-18T11:02:38.099Z","dateUpdated":"2026-05-11T19:12:52.428Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:12:52.428Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()\n\nSince the user can control the arguments of the ioctl() from the user\nspace, under special arguments that may result in a divide-by-zero bug\nin:\n  drivers/video/fbdev/arkfb.c:784: ark_set_pixclock(info, (hdiv * info->var.pixclock) / hmul);\nwith hdiv=1, pixclock=1 and hmul=2 you end up with (1*1)/2 = (int) 0.\nand then in:\n  drivers/video/fbdev/arkfb.c:504: rv = dac_set_freq(par->dac, 0, 1000000000 / pixclock);\nwe'll get a division-by-zero.\n\nThe following log can reveal it:\n\ndivide error: 0000 [#1] PREEMPT SMP KASAN PTI\nRIP: 0010:ark_set_pixclock drivers/video/fbdev/arkfb.c:504 [inline]\nRIP: 0010:arkfb_set_par+0x10fc/0x24c0 drivers/video/fbdev/arkfb.c:784\nCall Trace:\n fb_set_var+0x604/0xeb0 drivers/video/fbdev/core/fbmem.c:1034\n do_fb_ioctl+0x234/0x670 drivers/video/fbdev/core/fbmem.c:1110\n fb_ioctl+0xdd/0x130 drivers/video/fbdev/core/fbmem.c:1189\n\nFix this by checking the argument of ark_set_pixclock() first."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/video/fbdev/arkfb.c"],"versions":[{"version":"681e14730c73cc2c71af282c001de6bc71c22f00","lessThan":"76b3f0a0b56e53a960a14624a0f48b3d94b5e7e7","status":"affected","versionType":"git"},{"version":"681e14730c73cc2c71af282c001de6bc71c22f00","lessThan":"b9a66f23612b84617e04412169e155a4b92f632d","status":"affected","versionType":"git"},{"version":"681e14730c73cc2c71af282c001de6bc71c22f00","lessThan":"a249e1b89ca25e1c34bdf96154e3f6224a91a9af","status":"affected","versionType":"git"},{"version":"681e14730c73cc2c71af282c001de6bc71c22f00","lessThan":"0288fa799e273b08839037499d704dc7bdc13e9a","status":"affected","versionType":"git"},{"version":"681e14730c73cc2c71af282c001de6bc71c22f00","lessThan":"236c1502520b7b08955467ec2e50b3232e34f1f9","status":"affected","versionType":"git"},{"version":"681e14730c73cc2c71af282c001de6bc71c22f00","lessThan":"9ebc5031958c1f3a2795e4533b4091d77c738d14","status":"affected","versionType":"git"},{"version":"681e14730c73cc2c71af282c001de6bc71c22f00","lessThan":"15661642511b2b192077684a89f42a8d95d54286","status":"affected","versionType":"git"},{"version":"681e14730c73cc2c71af282c001de6bc71c22f00","lessThan":"2f1c4523f7a3aaabe7e53d3ebd378292947e95c8","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/video/fbdev/arkfb.c"],"versions":[{"version":"2.6.22","status":"affected"},{"version":"0","lessThan":"2.6.22","status":"unaffected","versionType":"semver"},{"version":"4.14.291","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.256","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.211","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.137","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.61","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.18.18","lessThanOrEqual":"5.18.*","status":"unaffected","versionType":"semver"},{"version":"5.19.2","lessThanOrEqual":"5.19.*","status":"unaffected","versionType":"semver"},{"version":"6.0","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"4.14.291"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"4.19.256"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"5.4.211"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"5.10.137"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"5.15.61"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"5.18.18"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"5.19.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.22","versionEndExcluding":"6.0"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/76b3f0a0b56e53a960a14624a0f48b3d94b5e7e7"},{"url":"https://git.kernel.org/stable/c/b9a66f23612b84617e04412169e155a4b92f632d"},{"url":"https://git.kernel.org/stable/c/a249e1b89ca25e1c34bdf96154e3f6224a91a9af"},{"url":"https://git.kernel.org/stable/c/0288fa799e273b08839037499d704dc7bdc13e9a"},{"url":"https://git.kernel.org/stable/c/236c1502520b7b08955467ec2e50b3232e34f1f9"},{"url":"https://git.kernel.org/stable/c/9ebc5031958c1f3a2795e4533b4091d77c738d14"},{"url":"https://git.kernel.org/stable/c/15661642511b2b192077684a89f42a8d95d54286"},{"url":"https://git.kernel.org/stable/c/2f1c4523f7a3aaabe7e53d3ebd378292947e95c8"}],"title":"video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()","x_generator":{"engine":"bippy-1.2.0"}}}}