In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_scmi: Harden accesses to the reset domains
Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-of-bound violations if the SCMI driver misbehave.
Add an internal consistency check before any such domains descriptors accesses.
[
{
"digest": {
"function_hash": "200874730036062544118738345748047021748",
"length": 725.0
},
"id": "CVE-2022-48655-16fcd22e",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e9076ffbcaed5da6c182b144ef9f6e24554af268",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "scmi_domain_reset",
"file": "drivers/firmware/arm_scmi/reset.c"
},
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"167361550224404665879480941227621438899",
"274444062617023298070324815534419606069",
"273220066276089608622592613682859258896",
"299317029466115533095664726793521726606"
],
"threshold": 0.9
},
"id": "CVE-2022-48655-3ec81d97",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7184491fc515f391afba23d0e9b690caaea72daf",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/firmware/arm_scmi/reset.c"
},
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"24548643348221129937643461426037410930",
"41002171949942331971426505701981553091",
"3486980799763267140930039065358789221",
"66806087615546725657825664030618954881"
],
"threshold": 0.9
},
"id": "CVE-2022-48655-554e9756",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e9076ffbcaed5da6c182b144ef9f6e24554af268",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/firmware/arm_scmi/reset.c"
},
"signature_type": "Line"
},
{
"digest": {
"function_hash": "200874730036062544118738345748047021748",
"length": 725.0
},
"id": "CVE-2022-48655-77266253",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1f08a1b26cfc53b7715abc46857c6023bb1b87de",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "scmi_domain_reset",
"file": "drivers/firmware/arm_scmi/reset.c"
},
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"167361550224404665879480941227621438899",
"274444062617023298070324815534419606069",
"273220066276089608622592613682859258896",
"299317029466115533095664726793521726606"
],
"threshold": 0.9
},
"id": "CVE-2022-48655-7979ef09",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f2277d9e2a0d092c13bae7ee82d75432bb8b5108",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/firmware/arm_scmi/reset.c"
},
"signature_type": "Line"
},
{
"digest": {
"function_hash": "200874730036062544118738345748047021748",
"length": 725.0
},
"id": "CVE-2022-48655-85d0e010",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8e65edf0d37698f7a6cb174608d3ec7976baf49e",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "scmi_domain_reset",
"file": "drivers/firmware/arm_scmi/reset.c"
},
"signature_type": "Function"
},
{
"digest": {
"function_hash": "234469344848663315084304264860519574841",
"length": 654.0
},
"id": "CVE-2022-48655-a23b780e",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7184491fc515f391afba23d0e9b690caaea72daf",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "scmi_domain_reset",
"file": "drivers/firmware/arm_scmi/reset.c"
},
"signature_type": "Function"
},
{
"digest": {
"line_hashes": [
"24548643348221129937643461426037410930",
"41002171949942331971426505701981553091",
"3486980799763267140930039065358789221",
"66806087615546725657825664030618954881"
],
"threshold": 0.9
},
"id": "CVE-2022-48655-a353b79f",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1f08a1b26cfc53b7715abc46857c6023bb1b87de",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/firmware/arm_scmi/reset.c"
},
"signature_type": "Line"
},
{
"digest": {
"line_hashes": [
"24548643348221129937643461426037410930",
"41002171949942331971426505701981553091",
"3486980799763267140930039065358789221",
"66806087615546725657825664030618954881"
],
"threshold": 0.9
},
"id": "CVE-2022-48655-e2b56011",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8e65edf0d37698f7a6cb174608d3ec7976baf49e",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "drivers/firmware/arm_scmi/reset.c"
},
"signature_type": "Line"
},
{
"digest": {
"function_hash": "234469344848663315084304264860519574841",
"length": 654.0
},
"id": "CVE-2022-48655-f6728b3c",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f2277d9e2a0d092c13bae7ee82d75432bb8b5108",
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "scmi_domain_reset",
"file": "drivers/firmware/arm_scmi/reset.c"
},
"signature_type": "Function"
}
]