CVE-2022-48655
firmware: arm_scmi: Harden accesses to the reset domains
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_scmi: Harden accesses to the reset domains
Accessing reset domains descriptors by the index upon the SCMI drivers
requests through the SCMI reset operations interface can potentially
lead to out-of-bound violations if the SCMI driver misbehave.
Add an internal consistency check before any such domains descriptors
accesses.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: arm_scmi: Refuerza los accesos a los dominios de reinicio. El acceso a los descriptores de dominios de reinicio por el índice ante las solicitudes de los controladores SCMI a través de la interfaz de operaciones de reinicio de SCMI puede conducir potencialmente a violaciones fuera de los límites. si el controlador SCMI se comporta mal. Agregue una verificación de coherencia interna antes de que se acceda a dichos descriptores de dominio.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2024-02-25 CVE Reserved
- 2024-04-28 CVE Published
- 2024-05-01 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-125: Out-of-bounds Read
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/95a15d80aa0de938299acfcbc6aa6f2b16f5d7e5 | Vuln. Introduced | |
https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4 < 5.4.277 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 5.4.277" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4 < 5.10.218 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 5.10.218" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4 < 5.15.71 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 5.15.71" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4 < 5.19.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 5.19.12" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4 < 6.0 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4 < 6.0" | en |
Affected
|