CVE-2022-49032

HIGH

Linux kernel - Memory Corruption

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw KASAN report out-of-bounds read as follows: BUG: KASAN: global-out-of-bounds in afe4404_read_raw+0x2ce/0x380 Read of size 4 at addr ffffffffc00e4658 by task cat/278 Call Trace: afe4404_read_raw iio_read_channel_info dev_attr_show The buggy address belongs to the variable: afe4404_channel_leds+0x18/0xffffffffffffe9c0 This issue can be reproduce by singe command: $ cat /sys/bus/i2c/devices/0-0058/iio\:device0/in_intensity6_raw The array size of afe4404_channel_leds and afe4404_channel_offdacs are less than channels, so access with chan->address cause OOB read in afe4404_[read|write]_raw. Fix it by moving access before use them.

References (8)

Core 8

Scores

CVSS v3 7.1
EPSS 0.0001
EPSS Percentile 1.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-125
Status published
Products (9)
linux/Kernel 4.10.0 - 4.14.301linux
linux/Kernel 4.15.0 - 4.19.268linux
linux/Kernel 4.20.0 - 5.4.226linux
linux/Kernel 4.8.0 - 4.9.335linux
linux/Kernel 5.11.0 - 5.15.82linux
linux/Kernel 5.16.0 - 6.0.12linux
linux/Kernel 5.5.0 - 5.10.158linux
linux/linux_kernel 6.1 rc1 (6 CPE variants)
linux/linux_kernel 4.8 - 4.9.335
Published Oct 21, 2024
Tracked Since Feb 18, 2026