Integer overflow in Linux kernel acpi apei driver

1) Integer overflow

EUVDB-ID: #VU108341

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-49885

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to integer overflow within the ghes_unmap() function in drivers/acpi/apei/ghes.c. A local user can execute arbitrary code.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 5.15 - 5.15.77

CPE2.3

• cpe:2.3:o:linux_foundation:linux_kernel:5.15:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc1:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc2:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc3:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc4:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc5:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc6:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15:rc7:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15.0:*:*:*:*:*:*:*
• cpe:2.3:o:linux_foundation:linux_kernel:5.15.1:*:*:*:*:*:*:*

External links

https://git.kernel.org/stable/c/43d2748394c3feb86c0c771466f5847e274fc043
https://git.kernel.org/stable/c/4c10c854113720cbfe75d4f51db79b700a629e73
https://git.kernel.org/stable/c/9edf20e5a1d805855e78f241cf221d741b50d482
https://git.kernel.org/stable/c/c50ec15725e005e9fb20bce69b6c23b135a4a9b7
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.78

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.