7.8

CVE-2022-50518

parisc: Fix locking in pdc_iodc_print() firmware call

In the Linux kernel, the following vulnerability has been resolved:

parisc: Fix locking in pdc_iodc_print() firmware call

Utilize pdc_lock spinlock to protect parallel modifications of the
iodc_dbuf[] buffer, check length to prevent buffer overflow of
iodc_dbuf[], drop the iodc_retbuf[] buffer and fix some wrong
indentings.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 2.6.24.5 < 2.6.25
LinuxLinux Kernel Version >= 2.6.25.1 < 6.0.18
LinuxLinux Kernel Version >= 6.1 < 6.1.4
LinuxLinux Kernel Version2.6.25 Update-
LinuxLinux Kernel Version2.6.25 Updaterc6
LinuxLinux Kernel Version2.6.25 Updaterc7
LinuxLinux Kernel Version2.6.25 Updaterc8
LinuxLinux Kernel Version2.6.25 Updaterc9
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.028
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://git.kernel.org/stable/c/04a603058e70b8b881bb7860b8bd649f931f2591
Patch
https://git.kernel.org/stable/c/553bc5890ed96a8d006224c3a4673c47fee0d12a
Patch
https://git.kernel.org/stable/c/7236aae5f81f3efbd93d0601e74fc05994bc2580
Patch