CVE-2022-49792

In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1678d4abb2dc2ca3b05b998a9d88616976e4f947	Patch
https://git.kernel.org/stable/c/399b2105a2240e730b9f3880bd8f154247539aa7	Patch
https://git.kernel.org/stable/c/ca1547ab15f48dc81624183ae17a2fd1bad06dfc	Patch
https://git.kernel.org/stable/c/d95b85c5084ad70011988861ee864529eefa1da0	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc5::::::

History

05 Nov 2025, 15:21

Type	Values Removed	Values Added
CWE		CWE-125
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.1
First Time		Linux Linux linux Kernel
CPE		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.1:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc4::::::
References	~~() https://git.kernel.org/stable/c/1678d4abb2dc2ca3b05b998a9d88616976e4f947 -~~	() https://git.kernel.org/stable/c/1678d4abb2dc2ca3b05b998a9d88616976e4f947 - Patch
References	~~() https://git.kernel.org/stable/c/399b2105a2240e730b9f3880bd8f154247539aa7 -~~	() https://git.kernel.org/stable/c/399b2105a2240e730b9f3880bd8f154247539aa7 - Patch
References	~~() https://git.kernel.org/stable/c/ca1547ab15f48dc81624183ae17a2fd1bad06dfc -~~	() https://git.kernel.org/stable/c/ca1547ab15f48dc81624183ae17a2fd1bad06dfc - Patch
References	~~() https://git.kernel.org/stable/c/d95b85c5084ad70011988861ee864529eefa1da0 -~~	() https://git.kernel.org/stable/c/d95b85c5084ad70011988861ee864529eefa1da0 - Patch

02 May 2025, 13:53

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: adc: mp2629: se corrige un posible acceso fuera de los límites de la matriz. Se agrega centinela al final de los mapas para evitar un posible acceso fuera de los límites de la matriz en el núcleo iio.

01 May 2025, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-01 15:16

Updated : 2025-11-05 15:21

NVD link : CVE-2022-49792

Mitre link : CVE-2022-49792

CVE.ORG link : CVE-2022-49792

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-125

Out-of-bounds Read

7.1 /10