CVE-2022-49946

Published: Jun 18, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Prevent out-of-bounds access The while loop in raspberrypi_discover_clocks() relies on the assumption that the id of the last clock element is zero. Because this data comes from the Videocore firmware and it doesn't guarantuee such a behavior this could lead to out-of-bounds access. So fix this by providing a sentinel element.

Vendor	Product	Versions
Linux	Linux	affected `93d2725affd65686792f4b57e49ef660f3c8c0f9 - < fcae47b2d23c81603b01f56cf8db63ed64599d34` affected `93d2725affd65686792f4b57e49ef660f3c8c0f9 - < ff0b144d4b0a9fbd6efe4d2c0a4b6c9bae2138d2` affected `93d2725affd65686792f4b57e49ef660f3c8c0f9 - < c8b04b731d43366824841ebdca4ac715f95e0ea4` affected `93d2725affd65686792f4b57e49ef660f3c8c0f9 - < bc163555603e4ae9c817675ad80d618a4cdbfa2d`
Linux	Linux	affected `5.9` unaffected `0 - < 5.9` unaffected `5.10.142 - <= 5.10.` unaffected `5.15.66 - <= 5.15.` unaffected `5.19.8 - <= 5.19.*` +1 more versions

References

https://git.kernel.org/stable/c/fcae47b2d23c81603b01f56cf8db63ed64599d34

https://git.kernel.org/stable/c/ff0b144d4b0a9fbd6efe4d2c0a4b6c9bae2138d2

https://git.kernel.org/stable/c/c8b04b731d43366824841ebdca4ac715f95e0ea4

https://git.kernel.org/stable/c/bc163555603e4ae9c817675ad80d618a4cdbfa2d

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-49946

Description

Affected Products

References