SB20250226576 - Improper error handling in Linux kernel irqchip driver
Published: February 26, 2025 Updated: May 11, 2025
Security Bulletin ID
SB20250226576
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper error handling (CVE-ID: CVE-2022-49716)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the gic_populate_ppi_partitions() function in drivers/irqchip/irq-gic-v3.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0b325d993995a321f6ab4e6c51f0504ec092bf5b
- https://git.kernel.org/stable/c/58e67c81e229351027d28c610638378606e33a08
- https://git.kernel.org/stable/c/7c9dd9d23f26dabcfb14148b9acdfba540418b19
- https://git.kernel.org/stable/c/c83c34c57798fc41faefcf078be78683db2f4beb
- https://git.kernel.org/stable/c/ec8401a429ffee34ccf38cebf3443f8d5ae6cb0d
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.124
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.49
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.18.6
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.200