{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T03:49:52.341","vulnerabilities":[{"cve":{"id":"CVE-2022-48927","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-08-22T04:15:15.530","lastModified":"2024-08-23T02:05:45.170","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: tsc2046: fix memory corruption by preventing array overflow\n\nOn one side we have indio_dev->num_channels includes all physical channels +\ntimestamp channel. On other side we have an array allocated only for\nphysical channels. So, fix memory corruption by ARRAY_SIZE() instead of\nnum_channels variable.\n\nNote the first case is a cleanup rather than a fix as the software\ntimestamp channel bit in active_scanmask is never set by the IIO core."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: adc: tsc2046: corrige la corrupción de la memoria evitando el desbordamiento de la matriz. Por un lado tenemos indio_dev->num_channels incluye todos los canales físicos + canal de marca de tiempo. Del otro lado tenemos un array asignado sólo para canales físicos. Por lo tanto, corrija la corrupción de la memoria con ARRAY_SIZE() en lugar de la variable num_channels. Tenga en cuenta que el primer caso es una limpieza en lugar de una solución, ya que el núcleo IIO nunca establece el bit del canal de marca de tiempo del software en active_scanmask."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"5.15.26","matchCriteriaId":"C4549DFF-A0BC-4C08-B874-F0090921E478"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"5.16.12","matchCriteriaId":"C76BAB21-7F23-4AD8-A25F-CA7B262A2698"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/082d2c047b0d305bb0b6e9f9d671a09470e2db2d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0cb9b2f73c182d242a640e512f4785c7c504512f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b7a78a8adaa8849c02f174d707aead0f85dca0da","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}