CVE-2022-49122

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49122
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49122.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49122
Downstream
Related
Published
2025-02-26T01:55:02.161Z
Modified
2026-03-20T12:22:11.185619Z
Summary
dm ioctl: prevent potential spectre v1 gadget
Details

In the Linux kernel, the following vulnerability has been resolved:

dm ioctl: prevent potential spectre v1 gadget

It appears like cmd could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via speculative execution by using arrayindexnospec.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49122.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
76c94651005f58885facf9c973007f5ea01ab01f
Fixed
58880025e3362024f6d8ea01cb0c7a5df6c84ba6
Fixed
7ae2c5b89da3cfaf856df880af27d3bb32a74b3d
Fixed
0320bac5801b31407200227173205d017488f140
Fixed
71c8df33fd777c7628f6fbc09b14e84806c55914
Fixed
02cc46f397eb3691c56affbd5073e54f7a82ac32
Fixed
44e6cb3ab177faae840bb2c1ebda9a2539876184
Fixed
dd86064417de828ff2102ddc6049c829bf7585b4
Fixed
cd9c88da171a62c4b0f1c70e50c75845969fbc18

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49122.json"