QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2022-48630

Back to search

CVE-2022-48630

Published: Mar 5, 2024

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ The commit referenced in the Fixes tag removed the 'break' from the else branch in qcom_rng_read(), causing an infinite loop whenever 'max' is not a multiple of WORD_SZ. This can be reproduced e.g. by running: kcapi-rng -b 67 >/dev/null There are many ways to fix this without adding back the 'break', but they all seem more awkward than simply adding it back, so do just that. Tested on a machine with Qualcomm Amberwing processor.

VendorProductVersions

Linux

Linux

affected
a8e32bbb96c25b7ab29b1894dcd45e0b3b08fd9d - < 71a89789552b7faf3ef27969b9bc783fa0df3550
affected
184f7bd08ce56f003530fc19f160d54e75bf5c9d - < 8be06f62b426801dba43ddf8893952a0e62ab6ae
affected
0f9b7b8df17525e464294c916acc8194ce38446b - < 233a3cc60e7a8fe0be8cf9934ae7b67ba25a866c
affected
ab9337c7cb6f875b6286440b1adfbeeef2b2b2bd - < 8a06f25f5941c145773204f2f7abef95b4ffb8ce
affected
a680b1832ced3b5fa7c93484248fd221ea0d614b - < 05d4d17475d8d094c519bb51658bc47899c175e3

+7 more versions

Linux

Linux

affected
5.17
unaffected
0 - < 5.17
unaffected
4.19.245 - <= 4.19.*
unaffected
5.4.196 - <= 5.4.*
unaffected
5.10.118 - <= 5.10.*

+3 more versions

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now