CVE-2022-48655 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-of-bound violations if the SCMI driver misbehave. Add an internal consistency check before any such domains descriptors accesses.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

References

Link	Resource
https://git.kernel.org/stable/c/1f08a1b26cfc53b7715abc46857c6023bb1b87de	Patch
https://git.kernel.org/stable/c/7184491fc515f391afba23d0e9b690caaea72daf
https://git.kernel.org/stable/c/8e65edf0d37698f7a6cb174608d3ec7976baf49e	Patch
https://git.kernel.org/stable/c/e9076ffbcaed5da6c182b144ef9f6e24554af268	Patch
https://git.kernel.org/stable/c/f2277d9e2a0d092c13bae7ee82d75432bb8b5108
https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-28T13:01:00.822Z

Updated: 2024-05-28T19:48:23.730Z

Reserved: 2024-02-25T13:44:28.317Z

Link: CVE-2022-48655

JSON object: View

NVD Information

Status : Modified

Published: 2024-04-28T13:15:07.623

Modified: 2024-06-27T14:15:12.480

Link: CVE-2022-48655

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2022-48655", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:44:28.317Z", "datePublished": "2024-04-28T13:01:00.822Z", "dateUpdated": "2024-05-28T19:48:23.730Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-28T19:48:23.730Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Harden accesses to the reset domains\n\nAccessing reset domains descriptors by the index upon the SCMI drivers\nrequests through the SCMI reset operations interface can potentially\nlead to out-of-bound violations if the SCMI driver misbehave.\n\nAdd an internal consistency check before any such domains descriptors\naccesses."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/firmware/arm_scmi/reset.c"], "versions": [{"version": "95a15d80aa0d", "lessThan": "7184491fc515", "status": "affected", "versionType": "git"}, {"version": "95a15d80aa0d", "lessThan": "f2277d9e2a0d", "status": "affected", "versionType": "git"}, {"version": "95a15d80aa0d", "lessThan": "1f08a1b26cfc", "status": "affected", "versionType": "git"}, {"version": "95a15d80aa0d", "lessThan": "8e65edf0d376", "status": "affected", "versionType": "git"}, {"version": "95a15d80aa0d", "lessThan": "e9076ffbcaed", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/firmware/arm_scmi/reset.c"], "versions": [{"version": "5.4", "status": "affected"}, {"version": "0", "lessThan": "5.4", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.277", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.218", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.71", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.19.12", "lessThanOrEqual": "5.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/7184491fc515f391afba23d0e9b690caaea72daf"}, {"url": "https://git.kernel.org/stable/c/f2277d9e2a0d092c13bae7ee82d75432bb8b5108"}, {"url": "https://git.kernel.org/stable/c/1f08a1b26cfc53b7715abc46857c6023bb1b87de"}, {"url": "https://git.kernel.org/stable/c/8e65edf0d37698f7a6cb174608d3ec7976baf49e"}, {"url": "https://git.kernel.org/stable/c/e9076ffbcaed5da6c182b144ef9f6e24554af268"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html"}], "title": "firmware: arm_scmi: Harden accesses to the reset domains", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-125", "lang": "en", "description": "CWE-125 Out-of-bounds Read"}]}], "affected": [{"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "95a15d80aa0d", "status": "affected", "lessThan": "7184491fc515", "versionType": "custom"}, {"version": "95a15d80aa0d", "status": "affected", "lessThan": "f2277d9e2a0d", "versionType": "custom"}, {"version": "95a15d80aa0d", "status": "affected", "lessThan": "1f08a1b26cfc", "versionType": "custom"}, {"version": "95a15d80aa0d", "status": "affected", "lessThan": "8e65edf0d376", "versionType": "custom"}, {"version": "95a15d80aa0d", "status": "affected", "lessThan": "e9076ffbcaed", "versionType": "custom"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:5.4:*:*:*:*:*:*:*"], "defaultStatus": "affected", "versions": [{"version": "5.4", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-06-05T04:01:14.973732Z", "id": "CVE-2022-48655", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-05T13:55:57.618Z"}}]}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BAFC83D-1941-4758-9C14-B91E8D8243DE", "versionEndExcluding": "5.15.71", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D86B159-0AA3-429A-8FE5-B87DB2046DB6", "versionEndExcluding": "5.19.12", "versionStartExcluding": "5.16", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Harden accesses to the reset domains\n\nAccessing reset domains descriptors by the index upon the SCMI drivers\nrequests through the SCMI reset operations interface can potentially\nlead to out-of-bound violations if the SCMI driver misbehave.\n\nAdd an internal consistency check before any such domains descriptors\naccesses."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: firmware: arm_scmi: Refuerza los accesos a los dominios de reinicio. El acceso a los descriptores de dominios de reinicio por el \u00edndice ante las solicitudes de los controladores SCMI a trav\u00e9s de la interfaz de operaciones de reinicio de SCMI puede conducir potencialmente a violaciones fuera de los l\u00edmites. si el controlador SCMI se comporta mal. Agregue una verificaci\u00f3n de coherencia interna antes de que se acceda a dichos descriptores de dominio."}], "id": "CVE-2022-48655", "lastModified": "2024-06-27T14:15:12.480", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-28T13:15:07.623", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1f08a1b26cfc53b7715abc46857c6023bb1b87de"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7184491fc515f391afba23d0e9b690caaea72daf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8e65edf0d37698f7a6cb174608d3ec7976baf49e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e9076ffbcaed5da6c182b144ef9f6e24554af268"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f2277d9e2a0d092c13bae7ee82d75432bb8b5108"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}