CVE-2022-48804: vt_ioctl: fix array_index_nospec in vt_setactivate
First published: Tue Jul 16 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: vt_ioctl: fix array_index_nospec in vt_setactivate array_index_nospec ensures that an out-of-bounds value is set to zero on the transient path. Decreasing the value by one afterwards causes a transient integer underflow. vsa.console should be decreased first and then sanitized with array_index_nospec. Kasper Acknowledgements: Jakob Koschel, Brian Johannesmeyer, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida from the VUSec group at VU Amsterdam.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/kernel | <4.9.302 | 4.9.302 |
| redhat/kernel | <4.14.267 | 4.14.267 |
| redhat/kernel | <4.19.230 | 4.19.230 |
| redhat/kernel | <5.4.180 | 5.4.180 |
| redhat/kernel | <5.10.101 | 5.10.101 |
| redhat/kernel | <5.15.24 | 5.15.24 |
| redhat/kernel | <5.16.10 | 5.16.10 |
| redhat/kernel | <5.17 | 5.17 |
| Linux Kernel | <4.9.302 | |
| Linux Kernel | >=4.10<4.14.267 | |
| Linux Kernel | >=4.15<4.19.320 | |
| Linux Kernel | >=4.20<5.4.180 | |
| Linux Kernel | >=5.5<5.10.101 | |
| Linux Kernel | >=5.11<5.15.24 | |
| Linux Kernel | >=5.16<5.16.10 | |
| Linux Kernel | =5.17-rc1 | |
| Linux Kernel | =5.17-rc2 | |
| Linux Kernel | =5.17-rc3 | |
| IBM Security Verify Governance - Identity Manager | <=ISVG 10.0.2 | |
| IBM Security Verify Governance, Identity Manager Software Stack | <=ISVG 10.0.2 | |
| IBM Security Verify Governance, Identity Manager Virtual Appliance | <=ISVG 10.0.2 | |
| IBM Security Verify Governance Identity Manager Container | <=ISVG 10.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2024:7001
- https://access.redhat.com/errata/RHSA-2024:7000
- https://access.redhat.com/errata/RHSA-2024:9315
- https://access.redhat.com/errata/RHSA-2024:10771
- https://bugzilla.redhat.com/show_bug.cgi?id=2298140
- https://git.kernel.org/stable/c/830c5aa302ec16b4ee641aec769462c37f802c90
- https://git.kernel.org/stable/c/2a45a6bd1e6d651770aafff57ab3e1d3bb0b42e0
- https://git.kernel.org/stable/c/170325aba4608bde3e7d21c9c19b7bc266ac0885
- https://git.kernel.org/stable/c/ae3d57411562260ee3f4fd5e875f410002341104
- https://git.kernel.org/stable/c/778302ca09498b448620edd372dc908bebf80bdf
- https://git.kernel.org/stable/c/ffe54289b02e9c732d6f04c8ebbe3b2d90d32118
- https://git.kernel.org/stable/c/6550bdf52846f85a2a3726a5aa0c7c4399f2fc02
- https://git.kernel.org/stable/c/61cc70d9e8ef5b042d4ed87994d20100ec8896d9
- https://www.ibm.com/support/pages/node/7230443 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2022-48804?
CVE-2022-48804 has been classified with a severity rating that indicates a potential risk to the system's integrity and availability.
How do I fix CVE-2022-48804?
To fix CVE-2022-48804, upgrade your Linux kernel to the latest versions specified in the remediation section, such as 4.9.302, 4.14.267, 4.19.230, 5.4.180, 5.10.101, 5.15.24, 5.16.10, or 5.17.
Which versions of the Linux kernel are affected by CVE-2022-48804?
CVE-2022-48804 affects multiple versions of the Linux kernel prior to the specified remediate versions for each affected release.
Is CVE-2022-48804 related to any specific functionality in the Linux kernel?
Yes, CVE-2022-48804 is specifically related to improvements in the vt_ioctl functionality within the Linux kernel.
What impact could CVE-2022-48804 have on my system?
If exploited, CVE-2022-48804 could lead to unauthorized access or altered system behavior, potentially compromising system security.
- agent/title
- agent/type
- agent/first-publish-date
- agent/author
- agent/remedy
- agent/weakness
- agent/severity
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-48804
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- agent/last-modified-date
- agent/references
- agent/source
- agent/softwarecombine
- agent/tags
- agent/event
- collector/ibm-support
- source/IBM
- package-manager/redhat
- vendor/linux
- canonical/linux kernel
- version/linux kernel/4.10
- version/linux kernel/4.15
- version/linux kernel/4.20
- version/linux kernel/5.5
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/5.17-rc1
- version/linux kernel/5.17-rc2
- version/linux kernel/5.17-rc3
- vendor/ibm
- canonical/ibm security verify governance - identity manager
- version/ibm security verify governance - identity manager/isvg 10.0.2
- canonical/ibm security verify governance, identity manager software stack
- version/ibm security verify governance, identity manager software stack/isvg 10.0.2
- canonical/ibm security verify governance, identity manager virtual appliance
- version/ibm security verify governance, identity manager virtual appliance/isvg 10.0.2
- canonical/ibm security verify governance identity manager container
- version/ibm security verify governance identity manager container/isvg 10.0.2