CVE-2022-48696

{"id": "CVE-2022-48696", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-05-03T16:15:08.290", "references": [{"url": "https://git.kernel.org/stable/c/15ff1f17847c19174b260bd7dd0de33edcebd45e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f5723cfc01932c7a8d5c78dbf7e067e537c91439", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/15ff1f17847c19174b260bd7dd0de33edcebd45e", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/f5723cfc01932c7a8d5c78dbf7e067e537c91439", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: spi: Reserve space for register address/padding\n\nCurrently the max_raw_read and max_raw_write limits in regmap_spi struct\ndo not take into account the additional size of the transmitted register\naddress and padding. This may result in exceeding the maximum permitted\nSPI message size, which could cause undefined behaviour, e.g. data\ncorruption.\n\nFix regmap_get_spi_bus() to properly adjust the above mentioned limits\nby reserving space for the register address/padding as set in the regmap\nconfiguration."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: regmap: spi: reserva de espacio para direcci\u00f3n/relleno de registro Actualmente, los l\u00edmites max_raw_read y max_raw_write en la estructura regmap_spi no tienen en cuenta el tama\u00f1o adicional de la direcci\u00f3n de registro transmitida y el relleno. Esto puede dar como resultado que se exceda el tama\u00f1o de mensaje SPI m\u00e1ximo permitido, lo que podr\u00eda causar un comportamiento indefinido, por ejemplo, corrupci\u00f3n de datos. Corrija regmap_get_spi_bus() para ajustar adecuadamente los l\u00edmites mencionados anteriormente reservando espacio para la direcci\u00f3n/relleno del registro como se establece en la configuraci\u00f3n de regmap."}], "lastModified": "2025-04-08T15:50:44.037", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4895A99-6E1B-4C76-A510-FDED00AD7D29", "versionEndExcluding": "5.19.9", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8BD11A3-8643-49B6-BADE-5029A0117325"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F0AD220-F6A9-4012-8636-155F1B841FAD"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A46498B3-78E1-4623-AAE1-94D29A42BE4E"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8446E87-F5F6-41CA-8201-BAE0F0CA6DD9"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}