{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48732", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-20T11:09:39.053Z", "datePublished": "2024-06-20T11:13:20.065Z", "dateUpdated": "2024-09-11T17:34:48.977Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-06-20T11:14:21.847Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix off by one in BIOS boundary checking\n\nBounds checking when parsing init scripts embedded in the BIOS reject\naccess to the last byte. This causes driver initialization to fail on\nApple eMac's with GeForce 2 MX GPUs, leaving the system with no working\nconsole.\n\nThis is probably only seen on OpenFirmware machines like PowerPC Macs\nbecause the BIOS image provided by OF is only the used parts of the ROM,\nnot a power-of-two blocks read from PCI directly so PCs always have\nempty bytes at the end that are never accessed."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/nouveau/nvkm/subdev/bios/base.c"], "versions": [{"version": "4d4e9907ff57", "lessThan": "d4b746e60fd8", "status": "affected", "versionType": "git"}, {"version": "4d4e9907ff57", "lessThan": "909d3ec1bf9f", "status": "affected", "versionType": "git"}, {"version": "4d4e9907ff57", "lessThan": "b2a21669ee98", "status": "affected", "versionType": "git"}, {"version": "4d4e9907ff57", "lessThan": "acc887ba8833", "status": "affected", "versionType": "git"}, {"version": "4d4e9907ff57", "lessThan": "f071d9fa8575", "status": "affected", "versionType": "git"}, {"version": "4d4e9907ff57", "lessThan": "d877e814a62b", "status": "affected", "versionType": "git"}, {"version": "4d4e9907ff57", "lessThan": "e7c36fa8a1e6", "status": "affected", "versionType": "git"}, {"version": "4d4e9907ff57", "lessThan": "1b777d4d9e38", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/nouveau/nvkm/subdev/bios/base.c"], "versions": [{"version": "4.8", "status": "affected"}, {"version": "0", "lessThan": "4.8", "status": "unaffected", "versionType": "custom"}, {"version": "4.9.300", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.14.265", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.228", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.178", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.99", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.22", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.16.8", "lessThanOrEqual": "5.16.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/d4b746e60fd8eaa8016e144223abe91158edcdad"}, {"url": "https://git.kernel.org/stable/c/909d3ec1bf9f0ec534bfc081b77c0836fea7b0e2"}, {"url": "https://git.kernel.org/stable/c/b2a21669ee98aafc41c6d42ef15af4dab9e6e882"}, {"url": "https://git.kernel.org/stable/c/acc887ba88333f5fec49631f12d8cc7ebd95781c"}, {"url": "https://git.kernel.org/stable/c/f071d9fa857582d7bd77f4906691f73d3edeab73"}, {"url": "https://git.kernel.org/stable/c/d877e814a62b7de9069aeff8bc1d979dfc996e06"}, {"url": "https://git.kernel.org/stable/c/e7c36fa8a1e63b08312162179c78a0c7795ea369"}, {"url": "https://git.kernel.org/stable/c/1b777d4d9e383d2744fc9b3a09af6ec1893c8b1a"}], "title": "drm/nouveau: fix off by one in BIOS boundary checking", "x_generator": {"engine": "bippy-7d53e8ef8be4"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:00.118Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d4b746e60fd8eaa8016e144223abe91158edcdad", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/909d3ec1bf9f0ec534bfc081b77c0836fea7b0e2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b2a21669ee98aafc41c6d42ef15af4dab9e6e882", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/acc887ba88333f5fec49631f12d8cc7ebd95781c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f071d9fa857582d7bd77f4906691f73d3edeab73", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d877e814a62b7de9069aeff8bc1d979dfc996e06", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e7c36fa8a1e63b08312162179c78a0c7795ea369", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1b777d4d9e383d2744fc9b3a09af6ec1893c8b1a", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48732", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:10:57.349463Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:48.977Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d4b746e60fd8eaa8016e144223abe91158edcdad", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/909d3ec1bf9f0ec534bfc081b77c0836fea7b0e2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b2a21669ee98aafc41c6d42ef15af4dab9e6e882", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/acc887ba88333f5fec49631f12d8cc7ebd95781c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f071d9fa857582d7bd77f4906691f73d3edeab73", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d877e814a62b7de9069aeff8bc1d979dfc996e06", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e7c36fa8a1e63b08312162179c78a0c7795ea369", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1b777d4d9e383d2744fc9b3a09af6ec1893c8b1a", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:25:00.118Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48732", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:10:57.349463Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:26.098Z"}}], "cna": {"title": "drm/nouveau: fix off by one in BIOS boundary checking", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4d4e9907ff57", "lessThan": "d4b746e60fd8", "versionType": "git"}, {"status": "affected", "version": "4d4e9907ff57", "lessThan": "909d3ec1bf9f", "versionType": "git"}, {"status": "affected", "version": "4d4e9907ff57", "lessThan": "b2a21669ee98", "versionType": "git"}, {"status": "affected", "version": "4d4e9907ff57", "lessThan": "acc887ba8833", "versionType": "git"}, {"status": "affected", "version": "4d4e9907ff57", "lessThan": "f071d9fa8575", "versionType": "git"}, {"status": "affected", "version": "4d4e9907ff57", "lessThan": "d877e814a62b", "versionType": "git"}, {"status": "affected", "version": "4d4e9907ff57", "lessThan": "e7c36fa8a1e6", "versionType": "git"}, {"status": "affected", "version": "4d4e9907ff57", "lessThan": "1b777d4d9e38", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/nouveau/nvkm/subdev/bios/base.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.8"}, {"status": "unaffected", "version": "0", "lessThan": "4.8", "versionType": "custom"}, {"status": "unaffected", "version": "4.9.300", "versionType": "custom", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.265", "versionType": "custom", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.228", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.178", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.99", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.22", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16.8", "versionType": "custom", "lessThanOrEqual": "5.16.*"}, {"status": "unaffected", "version": "5.17", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/nouveau/nvkm/subdev/bios/base.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/d4b746e60fd8eaa8016e144223abe91158edcdad"}, {"url": "https://git.kernel.org/stable/c/909d3ec1bf9f0ec534bfc081b77c0836fea7b0e2"}, {"url": "https://git.kernel.org/stable/c/b2a21669ee98aafc41c6d42ef15af4dab9e6e882"}, {"url": "https://git.kernel.org/stable/c/acc887ba88333f5fec49631f12d8cc7ebd95781c"}, {"url": "https://git.kernel.org/stable/c/f071d9fa857582d7bd77f4906691f73d3edeab73"}, {"url": "https://git.kernel.org/stable/c/d877e814a62b7de9069aeff8bc1d979dfc996e06"}, {"url": "https://git.kernel.org/stable/c/e7c36fa8a1e63b08312162179c78a0c7795ea369"}, {"url": "https://git.kernel.org/stable/c/1b777d4d9e383d2744fc9b3a09af6ec1893c8b1a"}], "x_generator": {"engine": "bippy-7d53e8ef8be4"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix off by one in BIOS boundary checking\n\nBounds checking when parsing init scripts embedded in the BIOS reject\naccess to the last byte. This causes driver initialization to fail on\nApple eMac's with GeForce 2 MX GPUs, leaving the system with no working\nconsole.\n\nThis is probably only seen on OpenFirmware machines like PowerPC Macs\nbecause the BIOS image provided by OF is only the used parts of the ROM,\nnot a power-of-two blocks read from PCI directly so PCs always have\nempty bytes at the end that are never accessed."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-06-20T11:14:21.847Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48732", "state": "PUBLISHED", "dateUpdated": "2024-09-11T17:34:48.977Z", "dateReserved": "2024-06-20T11:09:39.053Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-06-20T11:13:20.065Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "25D2702A-FEF6-45AB-8193-2D0F0A51DF65", "versionEndExcluding": "4.9.300", "versionStartIncluding": "4.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F849B5B-93E9-438A-AE05-0380EC168436", "versionEndExcluding": "4.14.265", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "87288F16-8DE4-4680-95D9-8601B47620D7", "versionEndExcluding": "4.19.228", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6F090A25-CDC9-43D2-912A-64923DD7D182", "versionEndExcluding": "5.4.178", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "FA1C3B80-458E-4F34-A0BF-5223557F2863", "versionEndExcluding": "5.10.99", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "74528AA6-B524-4C3F-B188-1194235FE47D", "versionEndExcluding": "5.15.22", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0623892A-E3E4-44E6-8A5E-39A0B47AF782", "versionEndExcluding": "5.16.8", "versionStartIncluding": "5.16", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix off by one in BIOS boundary checking\n\nBounds checking when parsing init scripts embedded in the BIOS reject\naccess to the last byte. This causes driver initialization to fail on\nApple eMac's with GeForce 2 MX GPUs, leaving the system with no working\nconsole.\n\nThis is probably only seen on OpenFirmware machines like PowerPC Macs\nbecause the BIOS image provided by OF is only the used parts of the ROM,\nnot a power-of-two blocks read from PCI directly so PCs always have\nempty bytes at the end that are never accessed."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/nouveau: solucionado por uno en la comprobaci\u00f3n de los l\u00edmites del BIOS. La comprobaci\u00f3n de los l\u00edmites al analizar los scripts de inicio integrados en el BIOS rechaza el acceso al \u00faltimo byte. Esto hace que la inicializaci\u00f3n del controlador falle en Apple eMac con GPU GeForce 2 MX, dejando el sistema sin consola funcional. Probablemente esto solo se vea en m\u00e1quinas OpenFirmware como PowerPC Mac porque la imagen del BIOS proporcionada por OF es solo las partes utilizadas de la ROM, no una potencia de dos bloques le\u00edda directamente desde PCI, por lo que las PC siempre tienen bytes vac\u00edos al final que son nunca accedido."}], "id": "CVE-2022-48732", "lastModified": "2024-08-19T17:58:27.230", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-20T12:15:11.607", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1b777d4d9e383d2744fc9b3a09af6ec1893c8b1a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/909d3ec1bf9f0ec534bfc081b77c0836fea7b0e2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/acc887ba88333f5fec49631f12d8cc7ebd95781c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b2a21669ee98aafc41c6d42ef15af4dab9e6e882"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d4b746e60fd8eaa8016e144223abe91158edcdad"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d877e814a62b7de9069aeff8bc1d979dfc996e06"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e7c36fa8a1e63b08312162179c78a0c7795ea369"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f071d9fa857582d7bd77f4906691f73d3edeab73"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-193"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/nouveau: fix off by one in BIOS boundary checking", "id": "2293327", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293327"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-119", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/nouveau: fix off by one in BIOS boundary checking\nBounds checking when parsing init scripts embedded in the BIOS reject\naccess to the last byte. This causes driver initialization to fail on\nApple eMac's with GeForce 2 MX GPUs, leaving the system with no working\nconsole.\nThis is probably only seen on OpenFirmware machines like PowerPC Macs\nbecause the BIOS image provided by OF is only the used parts of the ROM,\nnot a power-of-two blocks read from PCI directly so PCs always have\nempty bytes at the end that are never accessed."], "name": "CVE-2022-48732", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48732\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48732\nhttps://lore.kernel.org/linux-cve-announce/2024062000-CVE-2022-48732-9d9b@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 4.9.300, kernel 4.14.265, kernel 4.19.228, kernel 5.4.178, kernel 5.10.99, kernel 5.15.22, kernel 5.16.8, kernel 5.17"}