CVE-2022-49145
Published: 26 February 2025
Description
In the Linux kernel, the following vulnerability has been resolved:

ACPI: CPPC: Avoid out of bounds access when parsing _CPC data

If the NumEntries field in the _CPC return package is less than 2, do not attempt to access the "Revision" element of that package, because it may not be present then.

BugLink: https://lore.kernel.org/lkml/20220322143534.GC32582@xsang-OptiPlex-9020/
Security Summary
CVE-2022-49145 is a vulnerability in the Linux kernel's ACPI CPPC component that results in an out-of-bounds read (CWE-125). The issue arises during parsing of the _CPC return package: the kernel attempts to access the "Revision" element even when the NumEntries field is less than 2, in which case that element may not be present.
The vulnerability has a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H), indicating it can be exploited by a local attacker with low privileges. Attack complexity is low and no user interaction is required. The rated impact is high for confidentiality, such as information disclosure, and high for availability, such as a kernel crash or denial of service.
Mitigation is provided through kernel patches in stable branches, which avoid the out-of-bounds access by checking if NumEntries is at least 2 before accessing the Revision element. Relevant commits include:
- https://git.kernel.org/stable/c/28d5387c1994f5e1e0d41b30a1f3dd6e1f609252
- https://git.kernel.org/stable/c/40d8abf364bcab23bc715a9221a3c8623956257b
- https://git.kernel.org/stable/c/97b5593fd1b182b3fdb180b6bbe64ec09669988b
- https://git.kernel.org/stable/c/b3f15609ffa521de12244cd6af24002030dda3f5
- https://git.kernel.org/stable/c/b80b19b32a432c9eee1cd200ef7aaddf608f54d1

Security practitioners should ensure affected Linux kernel versions are updated with these fixes.
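The NumEntries check described above, sketched on a simplified model of the _CPC package. This is an added example, not the kernel's code: the struct, function name, status codes and the extra comparison against the number of elements actually present are assumptions of this illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-in for the _CPC return package (not the kernel's types):
 * elems[0] = NumEntries, elems[1] = Revision; count = elements really present. */
struct cpc_pkg {
    size_t count;
    const uint64_t *elems;
};

enum { CPC_OK = 0, CPC_EMPTY = -1, CPC_TOO_FEW = -2, CPC_MISMATCH = -3 };

/* Store Revision in *rev only after proving that elems[1] exists. */
static int cpc_read_revision(const struct cpc_pkg *pkg, uint64_t *rev)
{
    uint64_t num_ent;

    if (pkg == NULL || pkg->elems == NULL || pkg->count < 1)
        return CPC_EMPTY;               /* nothing to read NumEntries from */

    num_ent = pkg->elems[0];
    if (num_ent < 2)
        return CPC_TOO_FEW;             /* the check the advisory describes */

    /* Assumption added in this model: NumEntries must not exceed what is present. */
    if (num_ent > pkg->count)
        return CPC_MISMATCH;

    *rev = pkg->elems[1];
    return CPC_OK;
}

/* Constructed sample packages. */
static const uint64_t short_elems[] = { 1 };        /* NumEntries = 1, no Revision */
static const uint64_t good_elems[]  = { 3, 2, 0 };  /* NumEntries = 3, Revision = 2 */
static const uint64_t lying_elems[] = { 23 };       /* claims 23 entries, holds 1 */

int main(void)
{
    const struct cpc_pkg pkgs[] = {
        { 1, short_elems }, { 3, good_elems }, { 1, lying_elems },
    };
    for (size_t i = 0; i < sizeof(pkgs) / sizeof(pkgs[0]); i++) {
        uint64_t rev = 0;
        int rc = cpc_read_revision(&pkgs[i], &rev);
        printf("package %zu: rc=%d revision=%llu\n", i, rc, (unsigned long long)rev);
    }
    return 0;
}
```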
Details
- CWE(s)