| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025050144-CVE-2022-49852-a851@gregkh> Date: Thu, 1 May 2025 16:10:42 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-49852: riscv: process: fix kernel info leakage From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage thread_struct's s[12] may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s[12] array in thread_struct when fork. As for kthread case, it's better to clear the s[12] array as well. The Linux kernel CVE team has assigned CVE-2022-49852 to this issue. Affected and fixed versions =========================== Issue introduced in 4.15 with commit 7db91e57a0acde126a162ababfb1e0ab190130cb and fixed in 4.19.267 with commit c4601d30f7d989b4f354df899ab85b5f7a750d30 Issue introduced in 4.15 with commit 7db91e57a0acde126a162ababfb1e0ab190130cb and fixed in 5.4.225 with commit c5c0b3167537793a7cf936fb240366eefd2fc7fb Issue introduced in 4.15 with commit 7db91e57a0acde126a162ababfb1e0ab190130cb and fixed in 5.10.155 with commit e56d18a976dda653194218df6d40d8122c775712 Issue introduced in 4.15 with commit 7db91e57a0acde126a162ababfb1e0ab190130cb and fixed in 5.15.79 with commit cc36c7fa5d9384602529ba3eea8c5daee7be4dbc Issue introduced in 4.15 with commit 7db91e57a0acde126a162ababfb1e0ab190130cb and fixed in 6.0.9 with commit 358a68f98304b40b201ba5afe94c20355aa3dc68 Issue introduced in 4.15 with commit 7db91e57a0acde126a162ababfb1e0ab190130cb and fixed in 6.1 with commit 6510c78490c490a6636e48b61eeaa6fb65981f4b Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49852 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: arch/riscv/kernel/process.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/c4601d30f7d989b4f354df899ab85b5f7a750d30 https://git.kernel.org/stable/c/c5c0b3167537793a7cf936fb240366eefd2fc7fb https://git.kernel.org/stable/c/e56d18a976dda653194218df6d40d8122c775712 https://git.kernel.org/stable/c/cc36c7fa5d9384602529ba3eea8c5daee7be4dbc https://git.kernel.org/stable/c/358a68f98304b40b201ba5afe94c20355aa3dc68 https://git.kernel.org/stable/c/6510c78490c490a6636e48b61eeaa6fb65981f4b
Powered by blists - more mailing lists