CVE-2022-48730

Summary

In the Linux kernel, the following vulnerability has been resolved:

dma-buf: heaps: Fix potential spectre v1 gadget

It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via speculative execution by using array_index_nospec.

[sumits: added fixes and cc: stable tags]

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc02a81fba74fe3488ad6b08bfb5a1329005418f8 < 5d40f1bdad3dd1a177f21a90ad4353c1ed40ba3aaffected
LinuxLinuxc02a81fba74fe3488ad6b08bfb5a1329005418f8 < 24f8e12d965b24f8aea762589e0e9fe2025c005eaffected
LinuxLinuxc02a81fba74fe3488ad6b08bfb5a1329005418f8 < cc8f7940d9c2d45f67b3d1a2f2b7a829ca561bedaffected
LinuxLinuxc02a81fba74fe3488ad6b08bfb5a1329005418f8 < 92c4cfaee6872038563c5b6f2e8e613f9d84d47daffected
LinuxLinux5.6affected
LinuxLinux0 < 5.6unaffected
LinuxLinux5.10.99 <= 5.10.*unaffected
LinuxLinux5.15.22 <= 5.15.*unaffected
LinuxLinux5.16.8 <= 5.16.*unaffected
LinuxLinux5.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References