CVE-2022-48804

In the Linux kernel, the following vulnerability has been resolved: vt_ioctl: fix array_index_nospec in vt_setactivate array_index_nospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console should be decreased first and then sanitized with array_index_nospec. Kasper Acknowledgements: Jakob Koschel, Brian Johannesmeyer, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida from the VUSec group at VU Amsterdam.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*

History

09 Sep 2024, 18:19

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se resolvió la siguiente vulnerabilidad: vt_ioctl: corrige array_index_nospec en vt_setactivate array_index_nospec garantiza que un valor fuera de los límites se establezca en cero en la ruta transitoria. Disminuir el valor en uno posteriormente provoca un desbordamiento de enteros transitorio. vsa.console debe reducirse primero y luego desinfectarse con array_index_nospec. Agradecimientos de Kasper: Jakob Koschel, Brian Johannesmeyer, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida del grupo VUSec en VU Amsterdam.
First Time Linux linux Kernel
Linux
References () https://git.kernel.org/stable/c/170325aba4608bde3e7d21c9c19b7bc266ac0885 - () https://git.kernel.org/stable/c/170325aba4608bde3e7d21c9c19b7bc266ac0885 - Patch
References () https://git.kernel.org/stable/c/2a45a6bd1e6d651770aafff57ab3e1d3bb0b42e0 - () https://git.kernel.org/stable/c/2a45a6bd1e6d651770aafff57ab3e1d3bb0b42e0 - Patch
References () https://git.kernel.org/stable/c/61cc70d9e8ef5b042d4ed87994d20100ec8896d9 - () https://git.kernel.org/stable/c/61cc70d9e8ef5b042d4ed87994d20100ec8896d9 - Patch
References () https://git.kernel.org/stable/c/6550bdf52846f85a2a3726a5aa0c7c4399f2fc02 - () https://git.kernel.org/stable/c/6550bdf52846f85a2a3726a5aa0c7c4399f2fc02 - Patch
References () https://git.kernel.org/stable/c/778302ca09498b448620edd372dc908bebf80bdf - () https://git.kernel.org/stable/c/778302ca09498b448620edd372dc908bebf80bdf - Patch
References () https://git.kernel.org/stable/c/830c5aa302ec16b4ee641aec769462c37f802c90 - () https://git.kernel.org/stable/c/830c5aa302ec16b4ee641aec769462c37f802c90 - Patch
References () https://git.kernel.org/stable/c/ae3d57411562260ee3f4fd5e875f410002341104 - () https://git.kernel.org/stable/c/ae3d57411562260ee3f4fd5e875f410002341104 - Patch
References () https://git.kernel.org/stable/c/ffe54289b02e9c732d6f04c8ebbe3b2d90d32118 - () https://git.kernel.org/stable/c/ffe54289b02e9c732d6f04c8ebbe3b2d90d32118 - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CWE CWE-191
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*

16 Jul 2024, 12:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-16 12:15

Updated : 2024-09-09 18:19


NVD link : CVE-2022-48804

Mitre link : CVE-2022-48804

CVE.ORG link : CVE-2022-48804


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-191

Integer Underflow (Wrap or Wraparound)