CVE-2022-49570

In the Linux kernel, the following vulnerability has been resolved:

gpio: gpio-xilinx: Fix integer overflow

Current implementation is not able to configure more than 32 pins
due to incorrect data type. So type casting with unsigned long
to avoid it.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
VendorProductVersion
linuxlinux_kernel
5.14 ≤
𝑥
< 5.15.58
linuxlinux_kernel
5.16 ≤
𝑥
< 5.18.15
linuxlinux_kernel
5.19:rc1
linuxlinux_kernel
5.19:rc2
linuxlinux_kernel
5.19:rc3
linuxlinux_kernel
5.19:rc4
linuxlinux_kernel
5.19:rc5
linuxlinux_kernel
5.19:rc6
linuxlinux_kernel
5.19:rc7
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/32c094a09d5829ad9b02cdf667569aefa8de0ea6
https://git.kernel.org/stable/c/6f16a5390640807dde420ee5ccbc4c95577aea6a
https://git.kernel.org/stable/c/e129e5486b981d324057e6986059f852658b0d00