CVE-2022-48672
of: fdt: fix off-by-one error in unflatten_dt_nodes()
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
of: fdt: fix off-by-one error in unflatten_dt_nodes()
Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree")
forgot to fix up the depth check in the loop body in unflatten_dt_nodes()
which makes it possible to overflow the nps[] buffer...
Found by Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: de: fdt: corrige el error uno por uno en unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: corrige la profundidad al desacoplar el árbol de dispositivos") olvidó arreglar la comprobación de profundidad el cuerpo del bucle en unflatten_dt_nodes() que permite desbordar el búfer nps[]... Encontrado por el Centro de verificación de Linux (linuxtesting.org) con la herramienta de análisis estático SVACE.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-25 CVE Reserved
- 2024-05-03 CVE Published
- 2024-05-24 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-193: Off-by-one Error
CAPEC
References (10)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/78c44d910d3e5f96dc6b3695fc1e4efd7c46a455 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2022-48672 | 2024-11-12 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2278939 | 2024-11-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 4.14.295 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 4.14.295" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 4.19.260 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 4.19.260" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 5.4.215 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 5.4.215" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 5.10.145 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 5.10.145" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 5.15.70 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 5.15.70" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 5.19.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 5.19.11" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.7 < 6.0 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.7 < 6.0" | en |
Affected
|