CVE-2022-49145

Summary

In the Linux kernel, the following vulnerability has been resolved:

ACPI: CPPC: Avoid out of bounds access when parsing _CPC data

If the NumEntries field in the _CPC return package is less than 2, do not attempt to access the "Revision" element of that package, because it may not be present then.

BugLink: https://lore.kernel.org/lkml/20220322143534.GC32582@xsang-OptiPlex-9020/

Affected Software

VendorProductVersion RangeStatus
LinuxLinux337aadff8e4567e39669e07d9a88b789d78458b5 < b3f15609ffa521de12244cd6af24002030dda3f5affected
LinuxLinux337aadff8e4567e39669e07d9a88b789d78458b5 < d208ea44e25b31db5a4d5e8c31df51787a3e9303affected
LinuxLinux337aadff8e4567e39669e07d9a88b789d78458b5 < 28d5387c1994f5e1e0d41b30a1f3dd6e1f609252affected
LinuxLinux337aadff8e4567e39669e07d9a88b789d78458b5 < cb249f8c00f40dba83b7da8207ac14ca46e9ec9eaffected
LinuxLinux337aadff8e4567e39669e07d9a88b789d78458b5 < e5b681822cac1f8093759b02e16c06b2c64b6788affected
LinuxLinux337aadff8e4567e39669e07d9a88b789d78458b5 < 97b5593fd1b182b3fdb180b6bbe64ec09669988baffected
LinuxLinux337aadff8e4567e39669e07d9a88b789d78458b5 < b80b19b32a432c9eee1cd200ef7aaddf608f54d1affected
LinuxLinux337aadff8e4567e39669e07d9a88b789d78458b5 < d7339f2a3938fb56b5f28d53f5345900b5fa0e74affected
LinuxLinux337aadff8e4567e39669e07d9a88b789d78458b5 < 40d8abf364bcab23bc715a9221a3c8623956257baffected
LinuxLinux4.4affected
LinuxLinux0 < 4.4unaffected
LinuxLinux4.9.311 <= 4.9.*unaffected
LinuxLinux4.14.276 <= 4.14.*unaffected
LinuxLinux4.19.238 <= 4.19.*unaffected
LinuxLinux5.4.189 <= 5.4.*unaffected
LinuxLinux5.10.110 <= 5.10.*unaffected
LinuxLinux5.15.33 <= 5.15.*unaffected
LinuxLinux5.16.19 <= 5.16.*unaffected
LinuxLinux5.17.2 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

References