{"id":"CVE-2022-48927","summary":"iio: adc: tsc2046: fix memory corruption by preventing array overflow","details":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: tsc2046: fix memory corruption by preventing array overflow\n\nOn one side we have indio_dev-\u003enum_channels includes all physical channels +\ntimestamp channel. On other side we have an array allocated only for\nphysical channels. So, fix memory corruption by ARRAY_SIZE() instead of\nnum_channels variable.\n\nNote the first case is a cleanup rather than a fix as the software\ntimestamp channel bit in active_scanmask is never set by the IIO core.","modified":"2026-04-11T12:43:16.827522Z","published":"2024-08-22T03:31:19.861Z","related":["SUSE-SU-2024:3190-1","SUSE-SU-2024:3209-1","SUSE-SU-2024:3227-1","SUSE-SU-2024:3408-1","SUSE-SU-2024:3483-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48927.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/082d2c047b0d305bb0b6e9f9d671a09470e2db2d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/0cb9b2f73c182d242a640e512f4785c7c504512f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b7a78a8adaa8849c02f174d707aead0f85dca0da"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48927.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48927"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"9374e8f5a38defe90bc65b2decf317c1c62d91dd"},{"fixed":"0cb9b2f73c182d242a640e512f4785c7c504512f"},{"fixed":"082d2c047b0d305bb0b6e9f9d671a09470e2db2d"},{"fixed":"b7a78a8adaa8849c02f174d707aead0f85dca0da"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48927.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.14.0"},{"fixed":"5.15.26"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"5.16.12"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48927.json"}}],"schema_version":"1.7.5"}