CVE-2022-48927

NVD Published Date: August 22, 2024 at 04:15 AM
NVD Last Modified: August 23, 2024 at 02:05 AM
Download Patch
Vulnerability ID
CVE-2022-48927
Severity
HIGH
Severity Score
7.8
Summary
In the Linux kernel, the following vulnerability has been resolved: iio: adc: tsc2046: fix memory corruption by preventing array overflow On one side we have indio_dev->num_channels includes all physical channels + timestamp channel. On other side we have an array allocated only for physical channels. So, fix memory corruption by ARRAY_SIZE() instead of num_channels variable. Note the first case is a cleanup rather than a fix as the software timestamp channel bit in active_scanmask is never set by the IIO core.
Exploits
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE ID
CWE-787

Recent Publish

CVE-2022-48942

CVE-2022-48930

CVE-2022-48928

CVE-2022-48932

CVE-2022-48926

CVE-2022-48941

See SecOps Solution
in action

Schedule Demo