Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data If the NumEntries field in the _CPC return package is less than 2, do not attempt to access the "Revision" element of that package, because it may not be present then. BugLink: https://lore.kernel.org/lkml/20220322143534.GC32582@xsang-OptiPlex-9020/
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.4, < 4.9.311 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/28d5387c1994f5e1e0d41b30a1f3dd6e1f609252Patch
- https://git.kernel.org/stable/c/40d8abf364bcab23bc715a9221a3c8623956257bPatch
- https://git.kernel.org/stable/c/97b5593fd1b182b3fdb180b6bbe64ec09669988bPatch
- https://git.kernel.org/stable/c/b3f15609ffa521de12244cd6af24002030dda3f5Patch
- https://git.kernel.org/stable/c/b80b19b32a432c9eee1cd200ef7aaddf608f54d1Patch
- https://git.kernel.org/stable/c/cb249f8c00f40dba83b7da8207ac14ca46e9ec9ePatch
- https://git.kernel.org/stable/c/d208ea44e25b31db5a4d5e8c31df51787a3e9303Patch
- https://git.kernel.org/stable/c/d7339f2a3938fb56b5f28d53f5345900b5fa0e74Patch
- https://git.kernel.org/stable/c/e5b681822cac1f8093759b02e16c06b2c64b6788Patch
FAQ
What is CVE-2022-49145?
CVE-2022-49145 is a vulnerability with a CVSS score of 7.1 (HIGH). In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data If the NumEntries field in the _CPC return package is less than 2, d...
How severe is CVE-2022-49145?
CVE-2022-49145 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-49145?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.