CVE-2022-48730

MEDIUM

Linux Kernel 5.6-5.10.99 5.11-5.15.22 5.16-5.16.8 - Information Leak via Spectre v1 Gadget in DMA-BUF Heaps

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via speculative execution by using array_index_nospec. [sumits: added fixes and cc: stable tags]

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/5d40f1bdad3dd1a177f21a90ad4353c1ed40ba3a

Patch

https://git.kernel.org/stable/c/24f8e12d965b24f8aea762589e0e9fe2025c005e

Patch

https://git.kernel.org/stable/c/cc8f7940d9c2d45f67b3d1a2f2b7a829ca561bed

Patch

https://git.kernel.org/stable/c/92c4cfaee6872038563c5b6f2e8e613f9d84d47d

Scores

CVSS v3 5.5

EPSS 0.0026

EPSS Percentile 16.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-203

Status published

Products (15)

linux/Kernel 5.11.0 - 5.15.22linux

linux/Kernel 5.16.0 - 5.16.8linux

linux/Kernel 5.6.0 - 5.10.99linux

Linux/Linux < 5.6

Linux/Linux 5.10.99 - 5.10.*

Linux/Linux 5.15.22 - 5.15.*

Linux/Linux 5.16.8 - 5.16.*

Linux/Linux 5.17

Linux/Linux 5.6

Linux/Linux c02a81fba74fe3488ad6b08bfb5a1329005418f8 - 24f8e12d965b24f8aea762589e0e9fe2025c005e

... and 5 more

Published Jun 20, 2024

Tracked Since Feb 18, 2026