SB2024060875 - Information disclosure in Linux kernel brcmstb pm driver
Published: June 8, 2024 Updated: May 13, 2025
Security Bulletin ID
SB2024060875
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Information disclosure (CVE-ID: CVE-2022-48693)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to information disclosure within the brcmstb_pm_probe() function in drivers/soc/bcm/brcmstb/pm/pm-arm.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0284b4e6dec6088a41607aa3f42bf51edff01883
- https://git.kernel.org/stable/c/57b2897ec3ffe4cbe018446be6d04432919dca6b
- https://git.kernel.org/stable/c/6dc0251638a4a1a998506dbd4627f8317e907558
- https://git.kernel.org/stable/c/43245c77d9efd8c9eb91bf225d07954dcf32204d
- https://git.kernel.org/stable/c/653500b400d5576940b7429690f7197199ddcc82
- https://git.kernel.org/stable/c/1085f5080647f0c9f357c270a537869191f7f2a1
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.258
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.143
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.68
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.9
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.213
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0