| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmodule: fix [e_shstrndx].sh_size=0 OOB access\n\nIt is trivial to craft a module to trigger OOB access in this line:\n\n\tif (info->secstrings[strhdr->sh_size - 1] != '\\0') {\n\nBUG: unable to handle page fault for address: ffffc90000aa0fff\nPGD 100000067 P4D 100000067 PUD 100066067 PMD 10436f067 PTE 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 7 PID: 1215 Comm: insmod Not tainted 5.18.0-rc5-00007-g9bf578647087-dirty #10\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/01/2014\nRIP: 0010:load_module+0x19b/0x2391\n\n[rebased patch onto modules-next]" |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "kernel/module/main.c" |
| ], |
| "versions": [ |
| { |
| "version": "ec2a29593c83ed71a7f16e3243941ebfcf75fdf6", |
| "lessThan": "09cb6663618a74fe5572a4931ecbf098832e79ec", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "ec2a29593c83ed71a7f16e3243941ebfcf75fdf6", |
| "lessThan": "921630e2e5124a04158129a8f22f4b425e61a858", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "ec2a29593c83ed71a7f16e3243941ebfcf75fdf6", |
| "lessThan": "45a76414b6d8b8b39c23fea53b9d20e831ae72a0", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "ec2a29593c83ed71a7f16e3243941ebfcf75fdf6", |
| "lessThan": "391e982bfa632b8315235d8be9c0a81374c6a19c", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "05d891e76dde3e430c707dae7d85139794eeadbd", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "d802672c7f00963613f289579073ac519f0d306c", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "214aa69cac91a723239118bbbfe77d5654ddff6b", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "kernel/module/main.c" |
| ], |
| "versions": [ |
| { |
| "version": "5.12", |
| "status": "affected" |
| }, |
| { |
| "version": "0", |
| "lessThan": "5.12", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.15.54", |
| "lessThanOrEqual": "5.15.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.17.14", |
| "lessThanOrEqual": "5.17.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.18.3", |
| "lessThanOrEqual": "5.18.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.19", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.12", |
| "versionEndExcluding": "5.15.54" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.12", |
| "versionEndExcluding": "5.17.14" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.12", |
| "versionEndExcluding": "5.18.3" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.12", |
| "versionEndExcluding": "5.19" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.4.110" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.10.26" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionStartIncluding": "5.11.3" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/09cb6663618a74fe5572a4931ecbf098832e79ec" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/921630e2e5124a04158129a8f22f4b425e61a858" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/45a76414b6d8b8b39c23fea53b9d20e831ae72a0" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/391e982bfa632b8315235d8be9c0a81374c6a19c" |
| } |
| ], |
| "title": "module: fix [e_shstrndx].sh_size=0 OOB access", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2022-49444", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
