CVE-2022-49952

Summary

In the Linux kernel, the following vulnerability has been resolved:

misc: fastrpc: fix memory corruption on probe

Add the missing sanity check on the probed-session count to avoid corrupting memory beyond the fixed-size slab-allocated session array when there are more than FASTRPC_MAX_SESSIONS sessions defined in the devicetree.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf6f9279f2bf0e37e2f1fb119d8832b8568536a04 < ec186b9f4aa2e6444d5308a6cc268aada7007639affected
LinuxLinuxf6f9279f2bf0e37e2f1fb119d8832b8568536a04 < c99bc901d5eb9fbdd7bd39f625e170ce97390336affected
LinuxLinuxf6f9279f2bf0e37e2f1fb119d8832b8568536a04 < 0e33b0f322fecd7a92d9dc186535cdf97940a856affected
LinuxLinuxf6f9279f2bf0e37e2f1fb119d8832b8568536a04 < c0425c2facd9166fa083f90c9f3187ace0c7837aaffected
LinuxLinuxf6f9279f2bf0e37e2f1fb119d8832b8568536a04 < 9baa1415d9abdd1e08362ea2dcfadfacee8690b5affected
LinuxLinux5.1affected
LinuxLinux0 < 5.1unaffected
LinuxLinux5.4.213 <= 5.4.*unaffected
LinuxLinux5.10.142 <= 5.10.*unaffected
LinuxLinux5.15.66 <= 5.15.*unaffected
LinuxLinux5.19.8 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References