CVE-2022-49186
clk: visconti: prevent array overflow in visconti_clk_register_gates()
In the Linux kernel, the following vulnerability has been resolved:
clk: visconti: prevent array overflow in visconti_clk_register_gates()
This code was using -1 to represent that there was no reset function.
Unfortunately, the -1 was stored in u8 so the if (clks[i].rs_id >= 0)
condition was always true. This lead to an out of bounds access in
visconti_clk_register_gates().
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →