Description

In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage thread_struct's s[12] may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s[12] array in thread_struct when fork. As for kthread case, it's better to clear the s[12] array as well.

INFO

Published Date :

2025-05-01T14:10:07.001Z

Last Modified :

2025-05-04T08:46:54.720Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49852 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49852.

URL Resource
https://git.kernel.org/stable/c/358a68f98304b40b201ba5afe94c20355aa3dc68 cve-icon cve-icon
https://git.kernel.org/stable/c/6510c78490c490a6636e48b61eeaa6fb65981f4b cve-icon cve-icon
https://git.kernel.org/stable/c/c4601d30f7d989b4f354df899ab85b5f7a750d30 cve-icon cve-icon
https://git.kernel.org/stable/c/c5c0b3167537793a7cf936fb240366eefd2fc7fb cve-icon cve-icon
https://git.kernel.org/stable/c/cc36c7fa5d9384602529ba3eea8c5daee7be4dbc cve-icon cve-icon
https://git.kernel.org/stable/c/e56d18a976dda653194218df6d40d8122c775712 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025050144-CVE-2022-49852-a851@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49852 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49852 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact