CVE-2022-49946 | THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

Description

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Prevent out-of-bounds access The while loop in raspberrypi_discover_clocks() relies on the assumption that the id of the last clock element is zero. Because this data comes from the Videocore firmware and it doesn't guarantuee such a behavior this could lead to out-of-bounds access. So fix this by providing a sentinel element.

Reserved 2025-06-18 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status

unaffected

93d2725affd65686792f4b57e49ef660f3c8c0f9 before fcae47b2d23c81603b01f56cf8db63ed64599d34

affected

93d2725affd65686792f4b57e49ef660f3c8c0f9 before ff0b144d4b0a9fbd6efe4d2c0a4b6c9bae2138d2

affected

93d2725affd65686792f4b57e49ef660f3c8c0f9 before c8b04b731d43366824841ebdca4ac715f95e0ea4

affected

93d2725affd65686792f4b57e49ef660f3c8c0f9 before bc163555603e4ae9c817675ad80d618a4cdbfa2d

affected

Default status

affected

5.9

affected

Any version before 5.9

unaffected

5.10.142

unaffected

5.15.66

unaffected

5.19.8

unaffected

6.0

unaffected

References

git.kernel.org/...c/fcae47b2d23c81603b01f56cf8db63ed64599d34

git.kernel.org/...c/ff0b144d4b0a9fbd6efe4d2c0a4b6c9bae2138d2

git.kernel.org/...c/c8b04b731d43366824841ebdca4ac715f95e0ea4

git.kernel.org/...c/bc163555603e4ae9c817675ad80d618a4cdbfa2d

cve.org (CVE-2022-49946)

nvd.nist.gov (CVE-2022-49946)

Download JSON

https://cve.threatint.eu/CVE/CVE-2022-49946

Support options

Helpdesk Chat, Email, Knowledgebase