7.1

CVE-2022-49792

iio: adc: mp2629: fix potential array out of bound access

In the Linux kernel, the following vulnerability has been resolved:

iio: adc: mp2629: fix potential array out of bound access

Add sentinel at end of maps to avoid potential array out of
bound access in iio core.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.8 < 5.10.156
LinuxLinux Kernel Version >= 5.11 < 5.15.80
LinuxLinux Kernel Version >= 5.16 < 6.0.10
LinuxLinux Kernel Version6.1 Updaterc1
LinuxLinux Kernel Version6.1 Updaterc2
LinuxLinux Kernel Version6.1 Updaterc3
LinuxLinux Kernel Version6.1 Updaterc4
LinuxLinux Kernel Version6.1 Updaterc5
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.17% 0.066
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/d95b85c5084ad70011988861ee864529eefa1da0
Patch
https://git.kernel.org/stable/c/1678d4abb2dc2ca3b05b998a9d88616976e4f947
Patch
https://git.kernel.org/stable/c/399b2105a2240e730b9f3880bd8f154247539aa7
Patch
https://git.kernel.org/stable/c/ca1547ab15f48dc81624183ae17a2fd1bad06dfc
Patch