{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-48803","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-07-16T11:38:08.896Z","datePublished":"2024-07-16T11:43:55.616Z","dateUpdated":"2025-05-04T08:23:26.465Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T08:23:26.465Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nphy: ti: Fix missing sentinel for clk_div_table\n\n_get_table_maxdiv() tries to access \"clk_div_table\" array out of bound\ndefined in phy-j721e-wiz.c. Add a sentinel entry to prevent\nthe following global-out-of-bounds error reported by enabling KASAN.\n\n[    9.552392] BUG: KASAN: global-out-of-bounds in _get_maxdiv+0xc0/0x148\n[    9.558948] Read of size 4 at addr ffff8000095b25a4 by task kworker/u4:1/38\n[    9.565926]\n[    9.567441] CPU: 1 PID: 38 Comm: kworker/u4:1 Not tainted 5.16.0-116492-gdaadb3bd0e8d-dirty #360\n[    9.576242] Hardware name: Texas Instruments J721e EVM (DT)\n[    9.581832] Workqueue: events_unbound deferred_probe_work_func\n[    9.587708] Call trace:\n[    9.590174]  dump_backtrace+0x20c/0x218\n[    9.594038]  show_stack+0x18/0x68\n[    9.597375]  dump_stack_lvl+0x9c/0xd8\n[    9.601062]  print_address_description.constprop.0+0x78/0x334\n[    9.606830]  kasan_report+0x1f0/0x260\n[    9.610517]  __asan_load4+0x9c/0xd8\n[    9.614030]  _get_maxdiv+0xc0/0x148\n[    9.617540]  divider_determine_rate+0x88/0x488\n[    9.622005]  divider_round_rate_parent+0xc8/0x124\n[    9.626729]  wiz_clk_div_round_rate+0x54/0x68\n[    9.631113]  clk_core_determine_round_nolock+0x124/0x158\n[    9.636448]  clk_core_round_rate_nolock+0x68/0x138\n[    9.641260]  clk_core_set_rate_nolock+0x268/0x3a8\n[    9.645987]  clk_set_rate+0x50/0xa8\n[    9.649499]  cdns_sierra_phy_init+0x88/0x248\n[    9.653794]  phy_init+0x98/0x108\n[    9.657046]  cdns_pcie_enable_phy+0xa0/0x170\n[    9.661340]  cdns_pcie_init_phy+0x250/0x2b0\n[    9.665546]  j721e_pcie_probe+0x4b8/0x798\n[    9.669579]  platform_probe+0x8c/0x108\n[    9.673350]  really_probe+0x114/0x630\n[    9.677037]  __driver_probe_device+0x18c/0x220\n[    9.681505]  driver_probe_device+0xac/0x150\n[    9.685712]  __device_attach_driver+0xec/0x170\n[    9.690178]  bus_for_each_drv+0xf0/0x158\n[    9.694124]  __device_attach+0x184/0x210\n[    9.698070]  device_initial_probe+0x14/0x20\n[    9.702277]  bus_probe_device+0xec/0x100\n[    9.706223]  deferred_probe_work_func+0x124/0x180\n[    9.710951]  process_one_work+0x4b0/0xbc0\n[    9.714983]  worker_thread+0x74/0x5d0\n[    9.718668]  kthread+0x214/0x230\n[    9.721919]  ret_from_fork+0x10/0x20\n[    9.725520]\n[    9.727032] The buggy address belongs to the variable:\n[    9.732183]  clk_div_table+0x24/0x440"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/phy/ti/phy-j721e-wiz.c"],"versions":[{"version":"091876cc355d6739e393efa4b3d07f451a6a035c","lessThan":"3c75d1017cb362b6a4e0935746ef5da28250919f","status":"affected","versionType":"git"},{"version":"091876cc355d6739e393efa4b3d07f451a6a035c","lessThan":"7a360e546ad9e7c3fd53d6bb60348c660cd28f54","status":"affected","versionType":"git"},{"version":"091876cc355d6739e393efa4b3d07f451a6a035c","lessThan":"5b0c9569135a37348c1267c81e8b0274b21a86ed","status":"affected","versionType":"git"},{"version":"091876cc355d6739e393efa4b3d07f451a6a035c","lessThan":"6d1e6bcb31663ee83aaea1f171f3dbfe95dd4a69","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/phy/ti/phy-j721e-wiz.c"],"versions":[{"version":"5.6","status":"affected"},{"version":"0","lessThan":"5.6","status":"unaffected","versionType":"semver"},{"version":"5.10.101","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.24","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"5.16.10","lessThanOrEqual":"5.16.*","status":"unaffected","versionType":"semver"},{"version":"5.17","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.6","versionEndExcluding":"5.10.101"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.6","versionEndExcluding":"5.15.24"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.6","versionEndExcluding":"5.16.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.6","versionEndExcluding":"5.17"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3c75d1017cb362b6a4e0935746ef5da28250919f"},{"url":"https://git.kernel.org/stable/c/7a360e546ad9e7c3fd53d6bb60348c660cd28f54"},{"url":"https://git.kernel.org/stable/c/5b0c9569135a37348c1267c81e8b0274b21a86ed"},{"url":"https://git.kernel.org/stable/c/6d1e6bcb31663ee83aaea1f171f3dbfe95dd4a69"}],"title":"phy: ti: Fix missing sentinel for clk_div_table","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T15:25:01.572Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/3c75d1017cb362b6a4e0935746ef5da28250919f","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/7a360e546ad9e7c3fd53d6bb60348c660cd28f54","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/5b0c9569135a37348c1267c81e8b0274b21a86ed","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/6d1e6bcb31663ee83aaea1f171f3dbfe95dd4a69","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2022-48803","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T16:58:57.262200Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-11T17:34:14.151Z"}}]}}