CVE-2022-48655

Advisory lineage Upstream: 0 Downstream: 13

Downstream

DEBIAN-CVE-2022-48655 DLA-3843-1 DSA-5703-1 SUSE-SU-2024:1641-1 SUSE-SU-2024:1644-1 SUSE-SU-2024:1647-1

Analyzed

Published: 28 Apr 2024, 13:01

Last modified:11 May 2026, 18:44

Vulnerability Summary

Overall Risk (default)

medium

32/100

CVSS Score

8.1 HIGH

v3.1 (cve.org)

EPSS Score

0.05% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

28 Apr 2024, 13:01

Published

Vulnerability first disclosed

11 May 2026, 18:44

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-of-bound violations if the SCMI driver misbehave. Add an internal consistency check before any such domains descriptors accesses.

CVSS Metrics

v3.1•HIGH•Score: 8.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Trends

Current EPSS score: 0.05%• Percentile: 16%

Techniques & Countermeasures

CWE-119•Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
CWE-125•Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

Affected Systems

debian•debian_linux
10.0
linux•linux
≥ 95a15d80aa0de938299acfcbc6aa6f2b16f5d7e5, < 7184491fc515f391afba23d0e9b690caaea72daf | ≥ 95a15d80aa0de938299acfcbc6aa6f2b16f5d7e5, < f2277d9e2a0d092c13bae7ee82d75432bb8b5108 | ≥ 95a15d80aa0de938299acfcbc6aa6f2b16f5d7e5, < 1f08a1b26cfc53b7715abc46857c6023bb1b87de | ≥ 95a15d80aa0de938299acfcbc6aa6f2b16f5d7e5, < 8e65edf0d37698f7a6cb174608d3ec7976baf49e | ≥ 95a15d80aa0de938299acfcbc6aa6f2b16f5d7e5, < e9076ffbcaed5da6c182b144ef9f6e24554af268 | 5.4
linux•linux_kernel
≥ 5.4, < 5.4.277 | ≥ 5.5, < 5.10.218 | ≥ 5.11, < 5.15.71 | > 5.16, < 5.19.12 | 6.0:rc1 | 6.0:rc2 | 6.0:rc3 | 6.0:rc4 | 6.0:rc5 | 6.0:rc6