Main Vulnerability Database SB20250502237

SB20250502237 - Improper error handling in Linux kernel arm64 kernel

Published: May 2, 2025 Updated: May 10, 2025

Security Bulletin ID SB20250502237

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper error handling (CVE-ID: CVE-2022-49888)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the cortex_a76_erratum_1463225_svc_handler() function in arch/arm64/kernel/entry-common.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/024f4b2e1f874934943eb2d3d288ebc52c79f55c
https://git.kernel.org/stable/c/71d6c33fe223255f4416a01514da2c0bc3e283e7
https://git.kernel.org/stable/c/db66629d43b2d12cb43b004a4ca6be1d03228e97
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.8