CVE-2022-48762

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the load unaligned zeropad function in the arm64 component of the Linux kernel. It involves the incorrect extraction of data and addr register indices from ex->type instead of ex->data. This can lead to the treatment of X0 as the address register and X4 as the data register, potentially causing the dereference of an arbitrary address and corruption of X4, resulting in arbitrary behavior within load unaligned zeropad and its caller. The problem is fixed by extracting both values from ex->data as originally intended. On an MTE-enabled QEMU image, this issue results in a crash due to a kernel NULL pointer dereference.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.