CVE-2022-48804
CVSS v3.1
5.5 (Medium)
EPSS
0.04 % (5th)
Affected Products
1
Advisories
9
NVD Status
Analyzed
In the Linux kernel, the following vulnerability has been resolved:
vt_ioctl: fix array_index_nospec in vt_setactivate
array_index_nospec ensures that an out-of-bounds value is set to zero
on the transient path. Decreasing the value by one afterwards causes
a transient integer underflow. vsa.console should be decreased first
and then sanitized with array_index_nospec.
Kasper Acknowledgements: Jakob Koschel, Brian Johannesmeyer, Kaveh
Razavi, Herbert Bos, Cristiano Giuffrida from the VUSec group at VU
Amsterdam.
Weaknesses
- CWE-191
- Integer Underflow (Wrap or Wraparound)
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- kernel.org
- Published Date
-
2024-07-16 12:15:04
(2 months ago) - Updated Date
-
2024-09-09 18:19:25
(9 days ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...