SB20240620206 - Race condition in Linux kernel rpmsg driver
Published: June 20, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240620206
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Race condition (CVE-ID: CVE-2022-48759)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the rpmsg_ctrldev_release_device(), rpmsg_chrdev_probe() and rpmsg_chrdev_remove() functions in drivers/rpmsg/rpmsg_char.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/74d85e9fbc7022a4011102c7474a9c7aeb704a35
- https://git.kernel.org/stable/c/70cb4295ec806b663665e1d2ed15caab6159880e
- https://git.kernel.org/stable/c/da27b834c1e0222e149e06caddf7718478086d1b
- https://git.kernel.org/stable/c/1dbb206730f3e5ce90014ad569ddf8167ec4124a
- https://git.kernel.org/stable/c/85aba11a8ea92a8eef2de95ebbe063086fd62d9c
- https://git.kernel.org/stable/c/d6cdc6ae542845d4d0ac8b6d99362bde7042a3c7
- https://git.kernel.org/stable/c/b7fb2dad571d1e21173c06cef0bced77b323990a
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.265
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.228
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.96
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.19
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.5
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.176