mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
202 lines
8.0 KiB
JSON
202 lines
8.0 KiB
JSON
{
|
|
"id": "CVE-2022-48994",
|
|
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"published": "2024-10-21T20:15:11.257",
|
|
"lastModified": "2024-11-07T13:52:43.380",
|
|
"vulnStatus": "Analyzed",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event\n\nWith clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),\nindirect call targets are validated against the expected function\npointer prototype to make sure the call target is valid to help mitigate\nROP attacks. If they are not identical, there is a failure at run time,\nwhich manifests as either a kernel panic or thread getting killed.\n\nseq_copy_in_user() and seq_copy_in_kernel() did not have prototypes\nmatching snd_seq_dump_func_t. Adjust this and remove the casts. There\nare not resulting binary output differences.\n\nThis was found as a result of Clang's new -Wcast-function-type-strict\nflag, which is more sensitive than the simpler -Wcast-function-type,\nwhich only checks for type width mismatches."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: seq: Fix function prototipo desajuste en snd_seq_expand_var_event Con la integridad del flujo de control del kernel de clang (kCFI, CONFIG_CFI_CLANG), los objetivos de llamada indirecta se validan contra el prototipo de puntero de funci\u00f3n esperado para asegurarse de que el objetivo de llamada sea v\u00e1lido para ayudar a mitigar los ataques ROP. Si no son id\u00e9nticos, hay un error en el tiempo de ejecuci\u00f3n, que se manifiesta como un p\u00e1nico del kernel o la muerte del hilo. seq_copy_in_user() y seq_copy_in_kernel() no ten\u00edan prototipos que coincidieran con snd_seq_dump_func_t. Aj\u00fastelo y elimine las conversiones. No hay diferencias de salida binaria resultantes. Esto se encontr\u00f3 como resultado del nuevo indicador -Wcast-function-type-strict de Clang, que es m\u00e1s sensible que el m\u00e1s simple -Wcast-function-type, que solo verifica los desajustes de ancho de tipo."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"baseScore": 5.5,
|
|
"baseSeverity": "MEDIUM",
|
|
"attackVector": "LOCAL",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "LOW",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH"
|
|
},
|
|
"exploitabilityScore": 1.8,
|
|
"impactScore": 3.6
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-noinfo"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "4.9.336",
|
|
"matchCriteriaId": "99B9ECF9-423E-4A61-B103-DB964B227DA5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "4.10",
|
|
"versionEndExcluding": "4.14.302",
|
|
"matchCriteriaId": "FB3E1F82-01A3-456E-9C83-D567B9A75815"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "4.15",
|
|
"versionEndExcluding": "4.19.269",
|
|
"matchCriteriaId": "1185B8E3-712E-4BFB-BD01-78D47F7EF1F2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "4.20",
|
|
"versionEndExcluding": "5.4.227",
|
|
"matchCriteriaId": "8C752145-904B-474A-A7F2-E9F29353B0FE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "5.5",
|
|
"versionEndExcluding": "5.10.159",
|
|
"matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "5.11",
|
|
"versionEndExcluding": "5.15.83",
|
|
"matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "5.16",
|
|
"versionEndExcluding": "6.0.13",
|
|
"matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
|
|
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/05530ef7cf7c7d700f6753f058999b1b5099a026",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/13ee8fb5410b740c8dd2867d3557c7662f7dda2d",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/15c42ab8d43acb73e2eba361ad05822c0af0ecfa",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/2f46e95bf344abc4e74f8158901d32a869e0adb6",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/63badfed200219ca656968725f1a43df293ac936",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/b38486e82ecb9f3046e0184205f6b61408fc40c9",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/e385360705a0b346bdb57ce938249175d0613b8a",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/fccd454129f6a0739651f7f58307cdb631fd6e89",
|
|
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
}
|
|
]
|
|
} |