{"id":"CVE-2022-49145","summary":"ACPI: CPPC: Avoid out of bounds access when parsing _CPC data","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: CPPC: Avoid out of bounds access when parsing _CPC data\n\nIf the NumEntries field in the _CPC return package is less than 2, do\nnot attempt to access the \"Revision\" element of that package, because\nit may not be present then.\n\nBugLink: https://lore.kernel.org/lkml/20220322143534.GC32582@xsang-OptiPlex-9020/","modified":"2026-04-11T12:43:37.473332Z","published":"2025-02-26T01:55:14.355Z","related":["SUSE-SU-2025:01983-1","SUSE-SU-2025:1027-1","SUSE-SU-2025:1176-1","SUSE-SU-2025:1183-1","SUSE-SU-2025:1194-1","SUSE-SU-2025:1241-1","SUSE-SU-2025:1263-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49145.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/28d5387c1994f5e1e0d41b30a1f3dd6e1f609252"},{"type":"WEB","url":"https://git.kernel.org/stable/c/40d8abf364bcab23bc715a9221a3c8623956257b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/97b5593fd1b182b3fdb180b6bbe64ec09669988b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b3f15609ffa521de12244cd6af24002030dda3f5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b80b19b32a432c9eee1cd200ef7aaddf608f54d1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cb249f8c00f40dba83b7da8207ac14ca46e9ec9e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d208ea44e25b31db5a4d5e8c31df51787a3e9303"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d7339f2a3938fb56b5f28d53f5345900b5fa0e74"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e5b681822cac1f8093759b02e16c06b2c64b6788"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49145.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49145"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"337aadff8e4567e39669e07d9a88b789d78458b5"},{"fixed":"b3f15609ffa521de12244cd6af24002030dda3f5"},{"fixed":"d208ea44e25b31db5a4d5e8c31df51787a3e9303"},{"fixed":"28d5387c1994f5e1e0d41b30a1f3dd6e1f609252"},{"fixed":"cb249f8c00f40dba83b7da8207ac14ca46e9ec9e"},{"fixed":"e5b681822cac1f8093759b02e16c06b2c64b6788"},{"fixed":"97b5593fd1b182b3fdb180b6bbe64ec09669988b"},{"fixed":"b80b19b32a432c9eee1cd200ef7aaddf608f54d1"},{"fixed":"d7339f2a3938fb56b5f28d53f5345900b5fa0e74"},{"fixed":"40d8abf364bcab23bc715a9221a3c8623956257b"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49145.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.4.0"},{"fixed":"4.9.311"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.10.0"},{"fixed":"4.14.276"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.238"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.189"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.110"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.33"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"5.16.19"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.17.0"},{"fixed":"5.17.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49145.json"}}],"schema_version":"1.7.5"}