In the Linux kernel, the following vulnerability has been resolved:
of: fdt: fix off-by-one error in unflatten_dt_nodes()
Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree")
forgot to fix up the depth check in the loop body in unflatten_dt_nodes()
which makes it possible to overflow the nps[] buffer...
Found by Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.
CVSS
No CVSS.
References
Configurations
No configuration.
History
03 May 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-05-03 15:15
Updated : 2024-05-03 15:32
NVD link : CVE-2022-48672
Mitre link : CVE-2022-48672
CVE.ORG link : CVE-2022-48672
JSON object : View
Products Affected
No product.
CWE
No CWE.