exploitDog

CVE-2022-48630

Опубликовано: 05 мар. 2024

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ

The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple of WORD_SZ. This can be reproduced e.g. by running:

kcapi-rng -b 67 >/dev/null

There are many ways to fix this without adding back the 'break', but they all seem more awkward than simply adding it back, so do just that.

Tested on a machine with Qualcomm Amberwing processor.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.19.236 (включая) до 4.19.245 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.4.187 (включая) до 5.4.196 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.10.108 (включая) до 5.10.118 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.15.31 (включая) до 5.15.42 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.17 (включая) до 5.17.10 (исключая)

cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.18:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.18:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.18:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.18:rc6:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.18:rc7:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.18:rc9:*:*:*:*:*:*

EPSS

Процентиль: 0%

0.00004

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-835

Связанные уязвимости

CVE-2022-48630

CVSS3: 5.5

ubuntu

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple of WORD_SZ. This can be reproduced e.g. by running: kcapi-rng -b 67 >/dev/null There are many ways to fix this without adding back the 'break', but they all seem more awkward than simply adding it back, so do just that. Tested on a machine with Qualcomm Amberwing processor.

CVE-2022-48630

CVSS3: 4.4

redhat

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple of WORD_SZ. This can be reproduced e.g. by running: kcapi-rng -b 67 >/dev/null There are many ways to fix this without adding back the 'break', but they all seem more awkward than simply adding it back, so do just that. Tested on a machine with Qualcomm Amberwing processor.

CVE-2022-48630

CVSS3: 5.5

debian

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: c ...

GHSA-4rpf-4vmp-3hfw

CVSS3: 5.5

github

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple of WORD_SZ. This can be reproduced e.g. by running: kcapi-rng -b 67 >/dev/null There are many ways to fix this without adding back the 'break', but they all seem more awkward than simply adding it back, so do just that. Tested on a machine with Qualcomm Amberwing processor.

BDU:2024-02026

CVSS3: 4.4

fstec

около 3 лет назад

Уязвимость функции qcom_rng_read() компонента qcom-rng.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 0%

0.00004

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-835