| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025061808-CVE-2022-49946-6601@gregkh> Date: Wed, 18 Jun 2025 13:00:11 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-49946: clk: bcm: rpi: Prevent out-of-bounds access From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Prevent out-of-bounds access The while loop in raspberrypi_discover_clocks() relies on the assumption that the id of the last clock element is zero. Because this data comes from the Videocore firmware and it doesn't guarantuee such a behavior this could lead to out-of-bounds access. So fix this by providing a sentinel element. The Linux kernel CVE team has assigned CVE-2022-49946 to this issue. Affected and fixed versions =========================== Issue introduced in 5.9 with commit 93d2725affd65686792f4b57e49ef660f3c8c0f9 and fixed in 5.10.142 with commit fcae47b2d23c81603b01f56cf8db63ed64599d34 Issue introduced in 5.9 with commit 93d2725affd65686792f4b57e49ef660f3c8c0f9 and fixed in 5.15.66 with commit ff0b144d4b0a9fbd6efe4d2c0a4b6c9bae2138d2 Issue introduced in 5.9 with commit 93d2725affd65686792f4b57e49ef660f3c8c0f9 and fixed in 5.19.8 with commit c8b04b731d43366824841ebdca4ac715f95e0ea4 Issue introduced in 5.9 with commit 93d2725affd65686792f4b57e49ef660f3c8c0f9 and fixed in 6.0 with commit bc163555603e4ae9c817675ad80d618a4cdbfa2d Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49946 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/clk/bcm/clk-raspberrypi.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/fcae47b2d23c81603b01f56cf8db63ed64599d34 https://git.kernel.org/stable/c/ff0b144d4b0a9fbd6efe4d2c0a4b6c9bae2138d2 https://git.kernel.org/stable/c/c8b04b731d43366824841ebdca4ac715f95e0ea4 https://git.kernel.org/stable/c/bc163555603e4ae9c817675ad80d618a4cdbfa2d
Powered by blists - more mailing lists