In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_scmi: Harden accesses to the reset domains
Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-of-bound violations if the SCMI driver misbehave.
Add an internal consistency check before any such domains descriptors accesses.
{ "vanir_signatures": [ { "target": { "function": "scmi_domain_reset", "file": "drivers/firmware/arm_scmi/reset.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e9076ffbcaed5da6c182b144ef9f6e24554af268", "digest": { "length": 725.0, "function_hash": "200874730036062544118738345748047021748" }, "deprecated": false, "id": "CVE-2022-48655-16fcd22e", "signature_type": "Function", "signature_version": "v1" }, { "target": { "file": "drivers/firmware/arm_scmi/reset.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7184491fc515f391afba23d0e9b690caaea72daf", "digest": { "threshold": 0.9, "line_hashes": [ "167361550224404665879480941227621438899", "274444062617023298070324815534419606069", "273220066276089608622592613682859258896", "299317029466115533095664726793521726606" ] }, "deprecated": false, "id": "CVE-2022-48655-3ec81d97", "signature_type": "Line", "signature_version": "v1" }, { "target": { "file": "drivers/firmware/arm_scmi/reset.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e9076ffbcaed5da6c182b144ef9f6e24554af268", "digest": { "threshold": 0.9, "line_hashes": [ "24548643348221129937643461426037410930", "41002171949942331971426505701981553091", "3486980799763267140930039065358789221", "66806087615546725657825664030618954881" ] }, "deprecated": false, "id": "CVE-2022-48655-554e9756", "signature_type": "Line", "signature_version": "v1" }, { "target": { "function": "scmi_domain_reset", "file": "drivers/firmware/arm_scmi/reset.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1f08a1b26cfc53b7715abc46857c6023bb1b87de", "digest": { "length": 725.0, "function_hash": "200874730036062544118738345748047021748" }, "deprecated": false, "id": "CVE-2022-48655-77266253", "signature_type": "Function", "signature_version": "v1" }, { "target": { "file": "drivers/firmware/arm_scmi/reset.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f2277d9e2a0d092c13bae7ee82d75432bb8b5108", "digest": { "threshold": 0.9, "line_hashes": [ "167361550224404665879480941227621438899", "274444062617023298070324815534419606069", "273220066276089608622592613682859258896", "299317029466115533095664726793521726606" ] }, "deprecated": false, "id": "CVE-2022-48655-7979ef09", "signature_type": "Line", "signature_version": "v1" }, { "target": { "function": "scmi_domain_reset", "file": "drivers/firmware/arm_scmi/reset.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8e65edf0d37698f7a6cb174608d3ec7976baf49e", "digest": { "length": 725.0, "function_hash": "200874730036062544118738345748047021748" }, "deprecated": false, "id": "CVE-2022-48655-85d0e010", "signature_type": "Function", "signature_version": "v1" }, { "target": { "function": "scmi_domain_reset", "file": "drivers/firmware/arm_scmi/reset.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7184491fc515f391afba23d0e9b690caaea72daf", "digest": { "length": 654.0, "function_hash": "234469344848663315084304264860519574841" }, "deprecated": false, "id": "CVE-2022-48655-a23b780e", "signature_type": "Function", "signature_version": "v1" }, { "target": { "file": "drivers/firmware/arm_scmi/reset.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1f08a1b26cfc53b7715abc46857c6023bb1b87de", "digest": { "threshold": 0.9, "line_hashes": [ "24548643348221129937643461426037410930", "41002171949942331971426505701981553091", "3486980799763267140930039065358789221", "66806087615546725657825664030618954881" ] }, "deprecated": false, "id": "CVE-2022-48655-a353b79f", "signature_type": "Line", "signature_version": "v1" }, { "target": { "file": "drivers/firmware/arm_scmi/reset.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8e65edf0d37698f7a6cb174608d3ec7976baf49e", "digest": { "threshold": 0.9, "line_hashes": [ "24548643348221129937643461426037410930", "41002171949942331971426505701981553091", "3486980799763267140930039065358789221", "66806087615546725657825664030618954881" ] }, "deprecated": false, "id": "CVE-2022-48655-e2b56011", "signature_type": "Line", "signature_version": "v1" }, { "target": { "function": "scmi_domain_reset", "file": "drivers/firmware/arm_scmi/reset.c" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f2277d9e2a0d092c13bae7ee82d75432bb8b5108", "digest": { "length": 654.0, "function_hash": "234469344848663315084304264860519574841" }, "deprecated": false, "id": "CVE-2022-48655-f6728b3c", "signature_type": "Function", "signature_version": "v1" } ] }