#VU91174 Off-by-one in Linux kernel - CVE-2022-48672

Vulnerability identifier: #VU91174

Vulnerability risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-48672

CWE-ID: CWE-193

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an off-by-one error within the unflatten_dt_nodes() function in drivers/of/fdt.c. A local user can execute arbitrary code.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

---

External links
https://git.kernel.org/stable/c/cbdda20ce363356698835185801a58a28f644853
https://git.kernel.org/stable/c/2566706ac6393386a4e7c4ce23fe17f4c98d9aa0
https://git.kernel.org/stable/c/e0e88c25f88b9805572263c9ed20f1d88742feaf
https://git.kernel.org/stable/c/ee4369260e77821602102dcc7d792de39a56365c
https://git.kernel.org/stable/c/ba6b9f7cc1108bad6e2c53b1d6e0156379188db7
https://git.kernel.org/stable/c/2133f451311671c7c42b5640d2b999326b39aa0e
https://git.kernel.org/stable/c/2f945a792f67815abca26fa8a5e863ccf3fa1181

---

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.