CVE-2022-48672

HIGH

Linux Kernel 4.7-5.19.11 - Off-by-one Error in unflatten_dt_nodes()

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: of: fdt: fix off-by-one error in unflatten_dt_nodes() Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree") forgot to fix up the depth check in the loop body in unflatten_dt_nodes() which makes it possible to overflow the nps[] buffer... Found by Linux Verification Center (linuxtesting.org) with the SVACE static analysis tool.

References (7)

Core 7

Core References

Patch

https://git.kernel.org/stable/c/cbdda20ce363356698835185801a58a28f644853

Patch

https://git.kernel.org/stable/c/2566706ac6393386a4e7c4ce23fe17f4c98d9aa0

Patch

https://git.kernel.org/stable/c/e0e88c25f88b9805572263c9ed20f1d88742feaf

Patch

https://git.kernel.org/stable/c/ee4369260e77821602102dcc7d792de39a56365c

Patch

https://git.kernel.org/stable/c/ba6b9f7cc1108bad6e2c53b1d6e0156379188db7

Patch

https://git.kernel.org/stable/c/2133f451311671c7c42b5640d2b999326b39aa0e

Patch

https://git.kernel.org/stable/c/2f945a792f67815abca26fa8a5e863ccf3fa1181

Scores

CVSS v3 7.8

EPSS 0.0025

EPSS Percentile 15.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-193

Status published

Products (23)

linux/Kernel 4.15.0 - 4.19.260linux

linux/Kernel 4.20.0 - 5.4.215linux

linux/Kernel 4.7.0 - 4.14.295linux

linux/Kernel 5.11.0 - 5.15.70linux

linux/Kernel 5.16.0 - 5.19.11linux

linux/Kernel 5.5.0 - 5.10.145linux

Linux/Linux < 4.7

Linux/Linux 4.14.295 - 4.14.*

Linux/Linux 4.19.260 - 4.19.*

Linux/Linux 4.7

... and 13 more

Published May 03, 2024

Tracked Since Feb 18, 2026