4 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-48806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 i2c: i801: Don't silently correct invalid transfer size revealed that ee1004eepromread d...
CVE-2022-48806 eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 "i2c: i801: Don't silently correct invalid transfer size" revealed that ee1004eepromread did not properly limit how many bytes to read at once. In particular...
CVE-2022-48806
The CVE-2022-48806 issue is confirmed in the Linux kernel under ee1004 EEPROM reads. The root cause was that ee1004_eeprom_read() could read more than the i2c block data limit because i2c_smbus_read_i2c_block_data_or_emulated() uses an unsigned 8-bit length; if the requested read spanned a 256-by...
CVE-2022-48806
In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 "i2c: i801: Don't silently correct invalid transfer size" revealed that ee1004eepromread did not properly limit how many bytes to read at once. In particular...