Lucene search

K
ubuntucveUbuntu.comUB:CVE-2022-48655
HistoryApr 28, 2024 - 12:00 a.m.

CVE-2022-48655

2024-04-2800:00:00
ubuntu.com
ubuntu.com
18
linux kernel
vulnerability
firmware arm_scmi
reset domains
out-of-bound violations

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%

In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_scmi: Harden accesses to the reset domains Accessing reset
domains descriptors by the index upon the SCMI drivers requests through the
SCMI reset operations interface can potentially lead to out-of-bound
violations if the SCMI driver misbehave. Add an internal consistency check
before any such domains descriptors accesses.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux< 5.4.0-190.210UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-57.63UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1129.139UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1027.31UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1027.31~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1129.139~18.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1134.141UNKNOWN
ubuntu22.04noarchlinux-azure< 5.15.0-1030.37UNKNOWN
ubuntu20.04noarchlinux-azure-5.15< 5.15.0-1030.37~20.04.1UNKNOWN
ubuntu18.04noarchlinux-azure-5.4< 5.4.0-1134.141~18.04.1UNKNOWN
Rows per page:
1-10 of 421

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

5.1%