VYPR
Unrated severityNVD Advisory· Published Jun 20, 2024· Updated May 4, 2025

dma-buf: heaps: Fix potential spectre v1 gadget

CVE-2022-48730

Description

In the Linux kernel, the following vulnerability has been resolved:

dma-buf: heaps: Fix potential spectre v1 gadget

It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via speculative execution by using array_index_nospec.

[sumits: added fixes and cc: stable tags]

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

142

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.