Lucene search
LinuxVULNRICHMENT:CVE-2022-48657HistoryApr 28, 2024 - 1:01 p.m.
CVE-2022-48657 arm64: topology: fix possible overflow in amu_fie_setup()
2024-04-2813:01:08
Linux
github.com
arm64
topology
overflow
fix
linux kernel
frequency
svace
static analysis
In the Linux kernel, the following vulnerability has been resolved:
arm64: topology: fix possible overflow in amu_fie_setup()
cpufreq_get_hw_max_freq() returns max frequency in kHz as unsigned int,
while freq_inv_set_max_ratio() gets passed this frequency in Hz as ‘u64’.
Multiplying max frequency by 1000 can potentially result in overflow –
multiplying by 1000ULL instead should avoid that…
Found by Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"arch/arm64/kernel/topology.c"
],
"versions": [
{
"version": "cd0ed03a8903",
"lessThan": "904f881b5736",
"status": "affected",
"versionType": "git"
},
{
"version": "cd0ed03a8903",
"lessThan": "3c3edb82d67b",
"status": "affected",
"versionType": "git"
},
{
"version": "cd0ed03a8903",
"lessThan": "bb6d99e27cbe",
"status": "affected",
"versionType": "git"
},
{
"version": "cd0ed03a8903",
"lessThan": "d4955c0ad77d",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"arch/arm64/kernel/topology.c"
],
"versions": [
{
"version": "5.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.150",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.71",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.19.12",
"lessThanOrEqual": "5.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.0",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
ubuntucve
ubuntucve
CVE-2022-48657
2024-04-28 00:00:00
redhatcve
redhatcve
CVE-2022-48657
2024-04-29 16:20:58
cve
cve
CVE-2022-48657
2024-04-28 13:15:07
nvd
nvd
CVE-2022-48657
2024-04-28 13:15:07
cvelist
cvelist
CVE-2022-48657 arm64: topology: fix possible overflow in amu_fie_setup()
2024-04-28 13:01:08
debiancve
debiancve
CVE-2022-48657
2024-04-28 13:15:07
nessus
nessus
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1641-1)
2024-05-15 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1644-1)
2024-05-15 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1641-1)
2024-05-24 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1647-1)
2024-05-24 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1644-1)
2024-05-24 00:00:00
7.1 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
15.8%
Related for VULNRICHMENT:CVE-2022-48657