Description

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Prevent out-of-bounds access The while loop in raspberrypi_discover_clocks() relies on the assumption that the id of the last clock element is zero. Because this data comes from the Videocore firmware and it doesn't guarantuee such a behavior this could lead to out-of-bounds access. So fix this by providing a sentinel element.

INFO

Published Date :

2025-06-18T11:00:07.966Z

Last Modified :

2025-06-18T11:00:07.966Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49946 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49946.

URL Resource
https://git.kernel.org/stable/c/bc163555603e4ae9c817675ad80d618a4cdbfa2d cve-icon cve-icon
https://git.kernel.org/stable/c/c8b04b731d43366824841ebdca4ac715f95e0ea4 cve-icon cve-icon
https://git.kernel.org/stable/c/fcae47b2d23c81603b01f56cf8db63ed64599d34 cve-icon cve-icon
https://git.kernel.org/stable/c/ff0b144d4b0a9fbd6efe4d2c0a4b6c9bae2138d2 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025061808-CVE-2022-49946-6601@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49946 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49946 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact