CVE-2022-48660
"LinuxKernel NXP-Ls1028 GPIO Vulnerability"
Description
In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully When running gpio test on nxp-ls1028 platform with below command gpiomon --num-events=3 --rising-edge gpiochip1 25 There will be a warning trace as below: Call trace: free_irq+0x204/0x360 lineevent_free+0x64/0x70 gpio_ioctl+0x598/0x6a0 __arm64_sys_ioctl+0xb4/0x100 invoke_syscall+0x5c/0x130 ...... el0t_64_sync+0x1a0/0x1a4 The reason of this issue is that calling request_threaded_irq() function failed, and then lineevent_free() is invoked to release the resource. Since the lineevent_state::irq was already set, so the subsequent invocation of free_irq() would trigger the above warning call trace. To fix this issue, set the lineevent_state::irq after the IRQ register successfully.
INFO
Published Date :
April 28, 2024, 1:15 p.m.
Last Modified :
April 30, 2024, 3:06 p.m.
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Remotely Exploitable :
No
Impact Score :
3.6
Exploitability Score :
1.8
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2022-48660.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2022-48660 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2022-48660 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 28, 2024
Action Type Old Value New Value -
CVE Modified by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 14, 2024
Action Type Old Value New Value -
Initial Analysis by [email protected]
Apr. 30, 2024
Action Type Old Value New Value Added CVSS V3.1 NIST AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Changed Reference Type https://git.kernel.org/stable/c/657803b918e097e47d99d1489da83a603c36bcdd No Types Assigned https://git.kernel.org/stable/c/657803b918e097e47d99d1489da83a603c36bcdd Patch Changed Reference Type https://git.kernel.org/stable/c/69bef19d6b9700e96285f4b4e28691cda3dcd0d1 No Types Assigned https://git.kernel.org/stable/c/69bef19d6b9700e96285f4b4e28691cda3dcd0d1 Patch Changed Reference Type https://git.kernel.org/stable/c/97da736cd11ae73bdf2f5e21e24446b8349e0168 No Types Assigned https://git.kernel.org/stable/c/97da736cd11ae73bdf2f5e21e24446b8349e0168 Patch Changed Reference Type https://git.kernel.org/stable/c/b1489043d3b9004dd8d5a0357b08b5f0e6691c43 No Types Assigned https://git.kernel.org/stable/c/b1489043d3b9004dd8d5a0357b08b5f0e6691c43 Patch Added CWE NIST NVD-CWE-noinfo Added CPE Configuration OR *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.9 up to (excluding) 5.10.146 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.71 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 5.19.12 -
CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Apr. 28, 2024
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully When running gpio test on nxp-ls1028 platform with below command gpiomon --num-events=3 --rising-edge gpiochip1 25 There will be a warning trace as below: Call trace: free_irq+0x204/0x360 lineevent_free+0x64/0x70 gpio_ioctl+0x598/0x6a0 __arm64_sys_ioctl+0xb4/0x100 invoke_syscall+0x5c/0x130 ...... el0t_64_sync+0x1a0/0x1a4 The reason of this issue is that calling request_threaded_irq() function failed, and then lineevent_free() is invoked to release the resource. Since the lineevent_state::irq was already set, so the subsequent invocation of free_irq() would trigger the above warning call trace. To fix this issue, set the lineevent_state::irq after the IRQ register successfully. Added Reference kernel.org https://git.kernel.org/stable/c/657803b918e097e47d99d1489da83a603c36bcdd [No types assigned] Added Reference kernel.org https://git.kernel.org/stable/c/97da736cd11ae73bdf2f5e21e24446b8349e0168 [No types assigned] Added Reference kernel.org https://git.kernel.org/stable/c/b1489043d3b9004dd8d5a0357b08b5f0e6691c43 [No types assigned] Added Reference kernel.org https://git.kernel.org/stable/c/69bef19d6b9700e96285f4b4e28691cda3dcd0d1 [No types assigned]
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2022-48660 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2022-48660
weaknesses.