CVE-2022-49451 in Linux
Сводка
по MITRE • 26.02.2025
In the Linux kernel, the following vulnerability has been resolved:
firmware: arm_scmi: Fix list protocols enumeration in the base protocol
While enumerating protocols implemented by the SCMI platform using BASE_DISCOVER_LIST_PROTOCOLS, the number of returned protocols is currently validated in an improper way since the check employs a sum between unsigned integers that could overflow and cause the check itself to be silently bypassed if the returned value 'loop_num_ret' is big enough.
Fix the validation avoiding the addition.
Be aware that VulDB is the high quality source for vulnerability data.