LinuxVULNRICHMENT:CVE-2022-48672CVE-2022-48672 of: fdt: fix off-by-one error in unflatten_dt_nodes()
AI Score
Confidence
Low
EPSS
Percentile
5.1%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
In the Linux kernel, the following vulnerability has been resolved:
of: fdt: fix off-by-one error in unflatten_dt_nodes()
Commit 78c44d910d3e (“drivers/of: Fix depth when unflattening devicetree”)
forgot to fix up the depth check in the loop body in unflatten_dt_nodes()
which makes it possible to overflow the nps[] buffer…
Found by Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.
CNA Affected
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "78c44d910d3e",
"lessThan": "cbdda20ce363",
"versionType": "git"
},
{
"status": "affected",
"version": "78c44d910d3e",
"lessThan": "2566706ac639",
"versionType": "git"
},
{
"status": "affected",
"version": "78c44d910d3e",
"lessThan": "e0e88c25f88b",
"versionType": "git"
},
{
"status": "affected",
"version": "78c44d910d3e",
"lessThan": "ee4369260e77",
"versionType": "git"
},
{
"status": "affected",
"version": "78c44d910d3e",
"lessThan": "ba6b9f7cc110",
"versionType": "git"
},
{
"status": "affected",
"version": "78c44d910d3e",
"lessThan": "2133f4513116",
"versionType": "git"
},
{
"status": "affected",
"version": "78c44d910d3e",
"lessThan": "2f945a792f67",
"versionType": "git"
}
],
"programFiles": [
"drivers/of/fdt.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "4.7"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "4.7",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "4.14.295",
"versionType": "custom",
"lessThanOrEqual": "4.14.*"
},
{
"status": "unaffected",
"version": "4.19.260",
"versionType": "custom",
"lessThanOrEqual": "4.19.*"
},
{
"status": "unaffected",
"version": "5.4.215",
"versionType": "custom",
"lessThanOrEqual": "5.4.*"
},
{
"status": "unaffected",
"version": "5.10.145",
"versionType": "custom",
"lessThanOrEqual": "5.10.*"
},
{
"status": "unaffected",
"version": "5.15.70",
"versionType": "custom",
"lessThanOrEqual": "5.15.*"
},
{
"status": "unaffected",
"version": "5.19.11",
"versionType": "custom",
"lessThanOrEqual": "5.19.*"
},
{
"status": "unaffected",
"version": "6.0",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"drivers/of/fdt.c"
],
"defaultStatus": "affected"
}
]References
git.kernel.org/stable/c/2133f451311671c7c42b5640d2b999326b39aa0e
git.kernel.org/stable/c/2566706ac6393386a4e7c4ce23fe17f4c98d9aa0
git.kernel.org/stable/c/2f945a792f67815abca26fa8a5e863ccf3fa1181
git.kernel.org/stable/c/ba6b9f7cc1108bad6e2c53b1d6e0156379188db7
git.kernel.org/stable/c/cbdda20ce363356698835185801a58a28f644853
git.kernel.org/stable/c/e0e88c25f88b9805572263c9ed20f1d88742feaf
git.kernel.org/stable/c/ee4369260e77821602102dcc7d792de39a56365c
Related
AI Score
Confidence
Low
EPSS
Percentile
5.1%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial