CVE-2022-48730
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
dma-buf: heaps: Fix potential spectre v1 gadget
It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via speculative execution by using array_index_nospec.
[sumits: added fixes and cc: stable tags]
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | c02a81fba74fe3488ad6b08bfb5a1329005418f8 < 5d40f1bdad3dd1a177f21a90ad4353c1ed40ba3a | affected |
| Linux | Linux | c02a81fba74fe3488ad6b08bfb5a1329005418f8 < 24f8e12d965b24f8aea762589e0e9fe2025c005e | affected |
| Linux | Linux | c02a81fba74fe3488ad6b08bfb5a1329005418f8 < cc8f7940d9c2d45f67b3d1a2f2b7a829ca561bed | affected |
| Linux | Linux | c02a81fba74fe3488ad6b08bfb5a1329005418f8 < 92c4cfaee6872038563c5b6f2e8e613f9d84d47d | affected |
| Linux | Linux | 5.6 | affected |
| Linux | Linux | 0 < 5.6 | unaffected |
| Linux | Linux | 5.10.99 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.22 <= 5.15.* | unaffected |
| Linux | Linux | 5.16.8 <= 5.16.* | unaffected |
| Linux | Linux | 5.17 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/5d40f1bdad3dd1a177f21a90ad4353c1ed40ba3a
- https://git.kernel.org/stable/c/24f8e12d965b24f8aea762589e0e9fe2025c005e
- https://git.kernel.org/stable/c/cc8f7940d9c2d45f67b3d1a2f2b7a829ca561bed
- https://git.kernel.org/stable/c/92c4cfaee6872038563c5b6f2e8e613f9d84d47d
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/5d40f1bdad3dd1a177f21a90ad4353c1ed40ba3a
- https://git.kernel.org/stable/c/24f8e12d965b24f8aea762589e0e9fe2025c005e
- https://git.kernel.org/stable/c/cc8f7940d9c2d45f67b3d1a2f2b7a829ca561bed
- https://git.kernel.org/stable/c/92c4cfaee6872038563c5b6f2e8e613f9d84d47d
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.