Summary:
This vulnerability may cause a kernel cache overwrite, affecting integrity and system availability. When a HID device is created with the HID_GLOBAL_ITEM_TAG_REPORT_SIZE and HID_GLOBAL_ITEM_TAG_REPORT_COUNT fields set to 0, the size field in the allocated report structure is 0. The problem can then occur when the device is accessed later: with report->size set to 0, the length of memory cleared by memset is 536870912. As a result, other memory areas are cleared by mistake, causing a kernel exception.
Severity: Low
Advisory ID: KylinSec-SA-2023-1001
Release date: January 5, 2023
Related CVE: CVE-2022-20565
CVE | Product | Component | Affected |
---|---|---|---|
CVE-2022-20565 | KY3.4-4A | kernel | Unaffected |
CVE-2022-20565 | KY3.4-5 | kernel | Unaffected |
CVE-2022-20565 | KY3.5.1 | kernel | Unaffected |
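
The length 536870912 quoted in the summary is exactly what a bits-to-bytes rounding produces when it is done in unsigned arithmetic on a size of 0. The C code below is an added example, not kernel or KylinSec code; the rounding formula, the `struct report` stand-in and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in: only the field the advisory names. */
struct report { uint32_t size; /* report length in bits */ };

/* Assumed bits-to-bytes rounding in unsigned arithmetic.
 * With size == 0, (0 - 1) wraps to 0xFFFFFFFF, so the result
 * is (0xFFFFFFFF >> 3) + 1 = 0x20000000 = 536870912. */
uint32_t report_bytes_unchecked(const struct report *r)
{
    return ((r->size - 1) >> 3) + 1;
}

/* Hardened form: a zero-bit report occupies zero bytes. */
uint32_t report_bytes_checked(const struct report *r)
{
    return r->size ? ((r->size - 1) >> 3) + 1 : 0;
}

/* Zero bytes [received, wanted) of buf, but only if that range lies
 * inside the buffer. Returns the number of bytes cleared, or -1 when
 * the computed length is rejected instead of being passed to memset. */
long clear_report_tail(uint8_t *buf, size_t buf_len,
                       size_t received, uint32_t wanted)
{
    if (wanted > buf_len || received > wanted)
        return -1;
    memset(buf + received, 0, wanted - received);
    return (long)(wanted - received);
}

int main(void)
{
    struct report zero = { 0 };   /* constructed input: ReportSize of 0 */
    uint8_t buf[8] = { 0 };

    printf("unchecked length: %u\n", (unsigned)report_bytes_unchecked(&zero));
    printf("checked length:   %u\n", (unsigned)report_bytes_checked(&zero));
    printf("bounded clear:    %ld\n",
           clear_report_tail(buf, sizeof buf, 2, report_bytes_unchecked(&zero)));
    return 0;
}
```

Either defence alone stops the oversized clear: computing the length so that 0 bits maps to 0 bytes, or checking the computed length against the real buffer size before calling memset.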