VYPR
High severity7.8NVD Advisory· Published Aug 22, 2024· Updated Jun 17, 2026

CVE-2022-48927

CVE-2022-48927

Description

In the Linux kernel, the following vulnerability has been resolved:

iio: adc: tsc2046: fix memory corruption by preventing array overflow

On one side we have indio_dev->num_channels includes all physical channels + timestamp channel. On other side we have an array allocated only for physical channels. So, fix memory corruption by ARRAY_SIZE() instead of num_channels variable.

Note the first case is a cleanup rather than a fix as the software timestamp channel bit in active_scanmask is never set by the IIO core.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

98

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.