Information disclosure in Linux kernel - CVE-2022-48693
Published: June 8, 2024 / Updated: May 13, 2025
Vulnerability identifier: #VU91352
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-48693
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to information disclosure within the brcmstb_pm_probe() function in drivers/soc/bcm/brcmstb/pm/pm-arm.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
External links
- https://git.kernel.org/stable/c/0284b4e6dec6088a41607aa3f42bf51edff01883
- https://git.kernel.org/stable/c/57b2897ec3ffe4cbe018446be6d04432919dca6b
- https://git.kernel.org/stable/c/6dc0251638a4a1a998506dbd4627f8317e907558
- https://git.kernel.org/stable/c/43245c77d9efd8c9eb91bf225d07954dcf32204d
- https://git.kernel.org/stable/c/653500b400d5576940b7429690f7197199ddcc82
- https://git.kernel.org/stable/c/1085f5080647f0c9f357c270a537869191f7f2a1
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.258
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.143
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.68
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.9
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.213
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0