CVE-2022-49659

Summary

In the Linux kernel, the following vulnerability has been resolved:

can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits

In commit 1be37d3b0414 ("can: m_can: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context") the RX path for peripheral devices was switched to RX-offload.

Received CAN frames are pushed to RX-offload together with a timestamp. RX-offload is designed to handle overflows of the timestamp correctly, if 32 bit timestamps are provided.

The timestamps of m_can core are only 16 bits wide. So this patch shifts them to full 32 bit before passing them to RX-offload.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1be37d3b0414e3db47f6fcba6c16286bbae0cb65 < c7333f79888497bfd75dcd02a94eaf836dd1042caffected
LinuxLinux1be37d3b0414e3db47f6fcba6c16286bbae0cb65 < 2a2914a5bd7f38efe55a8372178146de82e0bce9affected
LinuxLinux1be37d3b0414e3db47f6fcba6c16286bbae0cb65 < 4c3333693f07313f5f0145a922f14a7d3c0f4f21affected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.15.54 <= 5.15.*unaffected
LinuxLinux5.18.11 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

References