CVE-2022-49478

media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init

Description

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw->unit_number is initialized with -1 and then if init table walk fails this value remains unchanged. Since code blindly uses this member for array indexing adding sanity check is the easiest fix for that. hdw->workpoll initialization moved upper to prevent warning in __flush_work.

INFO

Published Date :

2025-02-26T02:13:19.330Z

Last Modified :

2025-10-01T19:46:45.541Z

Source :

Linux

AFFECTED PRODUCTS

The following products are affected by CVE-2022-49478 vulnerability.

Vendors	Products
Linux	Linux Kernel

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49478.

URL	Resource
https://git.kernel.org/stable/c/1310fc3538dcc375a2f46ef0a438512c2ca32827
https://git.kernel.org/stable/c/24e807541e4a9263ed928e6ae3498de3ad43bd1e
https://git.kernel.org/stable/c/2e004fe914b243db41fa96f9e583385f360ea58e
https://git.kernel.org/stable/c/3309c2c574e13b21b44729f5bdbf21f60189b79a
https://git.kernel.org/stable/c/4351bfe36aba9fa7dc9d68d498d25d41a0f45e67
https://git.kernel.org/stable/c/471bec68457aaf981add77b4f590d65dd7da1059
https://git.kernel.org/stable/c/a3304766d9384886e6d3092c776273526947a2e9
https://git.kernel.org/stable/c/a3660e06675bccec4bf149c7229ea1d491ba10d7
https://git.kernel.org/stable/c/f99a8b1ec0eddc2931aeaa4f490277a15b39f511
https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2022-49478-4f2d@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-49478
https://www.cve.org/CVERecord?id=CVE-2022-49478

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact