CVE-2022-48795

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.15.4-gentoo-parisc64 #4

Description The vulnerability is caused by overrunning the sglist and incorrectly testing sg dma len(sglist) before nents. Normally, this doesn't cause a crash, but in this case, sglist crossed a page boundary. The bug occurs in the following code: while (sg dma len(sglist) && nents--). The fix is simply to test nents first and move the decrement of nents into the loop.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for the parisc: Fix data TLB miss in sba unmap sg vulnerability. Specifically, update to a version later than 5.15.4-gentoo-parisc64 #4.

Note: The provided information does not specify the exact version that includes the fix, so it is recommended to update to the latest available version of the Linux kernel.