{"id":"CVE-2022-48804","summary":"vt_ioctl: fix array_index_nospec in vt_setactivate","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nvt_ioctl: fix array_index_nospec in vt_setactivate\n\narray_index_nospec ensures that an out-of-bounds value is set to zero\non the transient path. Decreasing the value by one afterwards causes\na transient integer underflow. vsa.console should be decreased first\nand then sanitized with array_index_nospec.\n\nKasper Acknowledgements: Jakob Koschel, Brian Johannesmeyer, Kaveh\nRazavi, Herbert Bos, Cristiano Giuffrida from the VUSec group at VU\nAmsterdam.","modified":"2026-05-07T04:15:38.469615Z","published":"2024-07-16T11:43:56.278Z","related":["ALSA-2024:7000","ALSA-2024:7001","SUSE-SU-2024:2892-1","SUSE-SU-2024:2894-1","SUSE-SU-2024:2901-1","SUSE-SU-2024:2902-1","SUSE-SU-2024:2929-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2940-1","SUSE-SU-2024:2947-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48804.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/170325aba4608bde3e7d21c9c19b7bc266ac0885"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2a45a6bd1e6d651770aafff57ab3e1d3bb0b42e0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/61cc70d9e8ef5b042d4ed87994d20100ec8896d9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6550bdf52846f85a2a3726a5aa0c7c4399f2fc02"},{"type":"WEB","url":"https://git.kernel.org/stable/c/778302ca09498b448620edd372dc908bebf80bdf"},{"type":"WEB","url":"https://git.kernel.org/stable/c/830c5aa302ec16b4ee641aec769462c37f802c90"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ae3d57411562260ee3f4fd5e875f410002341104"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ffe54289b02e9c732d6f04c8ebbe3b2d90d32118"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48804.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48804"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0ec459ec174031fad02a55e622cf2fc0d2e75a25"},{"fixed":"830c5aa302ec16b4ee641aec769462c37f802c90"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4334a6ae867aa12f01c1755368fd0de4c926ac75"},{"fixed":"2a45a6bd1e6d651770aafff57ab3e1d3bb0b42e0"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"e97267cb4d1ee01ca0929638ec0fcbb0904f903d"},{"fixed":"170325aba4608bde3e7d21c9c19b7bc266ac0885"},{"fixed":"ae3d57411562260ee3f4fd5e875f410002341104"},{"fixed":"778302ca09498b448620edd372dc908bebf80bdf"},{"fixed":"ffe54289b02e9c732d6f04c8ebbe3b2d90d32118"},{"fixed":"6550bdf52846f85a2a3726a5aa0c7c4399f2fc02"},{"fixed":"61cc70d9e8ef5b042d4ed87994d20100ec8896d9"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"458697ab18b512445ac273ce68a9f8fd623fc0a3"},{"last_affected":"1aa698b65186c13ed775896ed1dfec7c26c73d60"},{"last_affected":"52ef74c21c277e50de771fc722d814a830b3036b"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48804.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.9.302"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.10.0"},{"fixed":"4.14.267"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.230"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.19.0"},{"fixed":"5.4.180"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.10.101"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.15.24"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.16.10"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48804.json"}}],"schema_version":"1.7.5"}