7.1

CVE-2022-49870

capabilities: fix undefined behavior in bit shift for CAP_TO_MASK

In the Linux kernel, the following vulnerability has been resolved:

capabilities: fix undefined behavior in bit shift for CAP_TO_MASK

Shifting signed 32-bit value by 31 bits is undefined, so changing
significant bit to unsigned. The UBSAN warning calltrace like below:

UBSAN: shift-out-of-bounds in security/commoncap.c:1252:2
left shift of 1 by 31 places cannot be represented in type 'int'
Call Trace:
 <TASK>
 dump_stack_lvl+0x7d/0xa5
 dump_stack+0x15/0x1b
 ubsan_epilogue+0xe/0x4e
 __ubsan_handle_shift_out_of_bounds+0x1e7/0x20c
 cap_task_prctl+0x561/0x6f0
 security_task_prctl+0x5a/0xb0
 __x64_sys_prctl+0x61/0x8f0
 do_syscall_64+0x58/0x80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
 </TASK>
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.25 < 4.9.334
LinuxLinux Kernel Version >= 4.10 < 4.14.300
LinuxLinux Kernel Version >= 4.15 < 4.19.267
LinuxLinux Kernel Version >= 4.20 < 5.4.225
LinuxLinux Kernel Version >= 5.5 < 5.10.155
LinuxLinux Kernel Version >= 5.11 < 5.15.79
LinuxLinux Kernel Version >= 5.16 < 6.0.9
LinuxLinux Kernel Version6.1 Updaterc1
LinuxLinux Kernel Version6.1 Updaterc2
LinuxLinux Kernel Version6.1 Updaterc3
LinuxLinux Kernel Version6.1 Updaterc4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.089
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/5b79fa628e2ab789e629a83cd211ef9b4c1a593e
Patch
https://git.kernel.org/stable/c/65b0bc7a0690861812ade523d19f82688ab819dc
Patch
https://git.kernel.org/stable/c/dbaab08c8677d598244d21afb7818e44e1c5d826
Patch
https://git.kernel.org/stable/c/5661f111a1616ac105ec8cec81bff99b60f847ac
Patch
https://git.kernel.org/stable/c/fcbd2b336834bd24e1d9454ad5737856470c10d7
Patch
https://git.kernel.org/stable/c/151dc8087b5609e53b069c068e3f3ee100efa586
Patch
https://git.kernel.org/stable/c/27bdb134c043ff32c459d98f16550d0ffa0b3c34
Patch
https://git.kernel.org/stable/c/46653972e3ea64f79e7f8ae3aa41a4d3fdb70a13
Patch