CVE-2022-48927
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-48927
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48927.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-48927
- Downstream
- Related
- Published
- 2024-08-22T03:31:19Z
- Modified
- 2025-10-08T07:14:23.067536Z
- Summary
- iio: adc: tsc2046: fix memory corruption by preventing array overflow
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
iio: adc: tsc2046: fix memory corruption by preventing array overflow
On one side we have indiodev->numchannels includes all physical channels + timestamp channel. On other side we have an array allocated only for physical channels. So, fix memory corruption by ARRAYSIZE() instead of numchannels variable.
Note the first case is a cleanup rather than a fix as the software timestamp channel bit in active_scanmask is never set by the IIO core.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9374e8f5a38defe90bc65b2decf317c1c62d91ddFixed0cb9b2f73c182d242a640e512f4785c7c504512f
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9374e8f5a38defe90bc65b2decf317c1c62d91ddFixed082d2c047b0d305bb0b6e9f9d671a09470e2db2d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9374e8f5a38defe90bc65b2decf317c1c62d91ddFixedb7a78a8adaa8849c02f174d707aead0f85dca0da
Affected versions
v5.*
v5.13
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.3
v5.15.4
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17-rc1
Database specific
{
"vanir_signatures": [
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b7a78a8adaa8849c02f174d707aead0f85dca0da",
"digest": {
"length": 1226.0,
"function_hash": "324103556240664539724377665773606903257"
},
"id": "CVE-2022-48927-1aafa757",
"target": {
"file": "drivers/iio/adc/ti-tsc2046.c",
"function": "tsc2046_adc_setup_spi_msg"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@082d2c047b0d305bb0b6e9f9d671a09470e2db2d",
"digest": {
"line_hashes": [
"137535559847389312744880093233145832823",
"94456167135768657693344813882359312251",
"217891026001923807502245601279305871863",
"235166042073913663007065421631061679716",
"115734083215077372500644634517648303221",
"290941450351685303921271207543406688079",
"89234881339033948760667130513531089137",
"286596058452753194472035618725590913501"
],
"threshold": 0.9
},
"id": "CVE-2022-48927-2567d7ed",
"target": {
"file": "drivers/iio/adc/ti-tsc2046.c"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@082d2c047b0d305bb0b6e9f9d671a09470e2db2d",
"digest": {
"length": 1226.0,
"function_hash": "324103556240664539724377665773606903257"
},
"id": "CVE-2022-48927-2aff4a9c",
"target": {
"file": "drivers/iio/adc/ti-tsc2046.c",
"function": "tsc2046_adc_setup_spi_msg"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0cb9b2f73c182d242a640e512f4785c7c504512f",
"digest": {
"length": 709.0,
"function_hash": "305807073538489853033870041578683274462"
},
"id": "CVE-2022-48927-2d64c44c",
"target": {
"file": "drivers/iio/adc/ti-tsc2046.c",
"function": "tsc2046_adc_update_scan_mode"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@082d2c047b0d305bb0b6e9f9d671a09470e2db2d",
"digest": {
"length": 709.0,
"function_hash": "305807073538489853033870041578683274462"
},
"id": "CVE-2022-48927-3dae0bf2",
"target": {
"file": "drivers/iio/adc/ti-tsc2046.c",
"function": "tsc2046_adc_update_scan_mode"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b7a78a8adaa8849c02f174d707aead0f85dca0da",
"digest": {
"length": 709.0,
"function_hash": "305807073538489853033870041578683274462"
},
"id": "CVE-2022-48927-8c11ac3c",
"target": {
"file": "drivers/iio/adc/ti-tsc2046.c",
"function": "tsc2046_adc_update_scan_mode"
},
"signature_version": "v1"
},
{
"signature_type": "Function",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0cb9b2f73c182d242a640e512f4785c7c504512f",
"digest": {
"length": 1226.0,
"function_hash": "324103556240664539724377665773606903257"
},
"id": "CVE-2022-48927-9f70fa50",
"target": {
"file": "drivers/iio/adc/ti-tsc2046.c",
"function": "tsc2046_adc_setup_spi_msg"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b7a78a8adaa8849c02f174d707aead0f85dca0da",
"digest": {
"line_hashes": [
"137535559847389312744880093233145832823",
"94456167135768657693344813882359312251",
"217891026001923807502245601279305871863",
"235166042073913663007065421631061679716",
"115734083215077372500644634517648303221",
"290941450351685303921271207543406688079",
"89234881339033948760667130513531089137",
"286596058452753194472035618725590913501"
],
"threshold": 0.9
},
"id": "CVE-2022-48927-aab9264c",
"target": {
"file": "drivers/iio/adc/ti-tsc2046.c"
},
"signature_version": "v1"
},
{
"signature_type": "Line",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0cb9b2f73c182d242a640e512f4785c7c504512f",
"digest": {
"line_hashes": [
"137535559847389312744880093233145832823",
"94456167135768657693344813882359312251",
"217891026001923807502245601279305871863",
"235166042073913663007065421631061679716",
"115734083215077372500644634517648303221",
"290941450351685303921271207543406688079",
"89234881339033948760667130513531089137",
"286596058452753194472035618725590913501"
],
"threshold": 0.9
},
"id": "CVE-2022-48927-d0ee9389",
"target": {
"file": "drivers/iio/adc/ti-tsc2046.c"
},
"signature_version": "v1"
}
]
}