Bug 2348154 (CVE-2022-49122) - CVE-2022-49122 kernel: dm ioctl: prevent potential spectre v1 gadget
Summary: CVE-2022-49122 kernel: dm ioctl: prevent potential spectre v1 gadget
Keywords:
Status: NEW
Alias: CVE-2022-49122
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-02-26 03:19 UTC by OSIDB Bzimport
Modified: 2025-08-01 13:24 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2025:10005 0 None None None 2025-07-01 00:38:39 UTC
Red Hat Product Errata RHSA-2025:10009 0 None None None 2025-07-01 01:03:11 UTC
Red Hat Product Errata RHSA-2025:10179 0 None None None 2025-07-02 04:37:12 UTC
Red Hat Product Errata RHSA-2025:10829 0 None None None 2025-07-14 00:18:14 UTC
Red Hat Product Errata RHSA-2025:10830 0 None None None 2025-07-14 00:22:11 UTC

Description OSIDB Bzimport 2025-02-26 03:19:30 UTC 
In the Linux kernel, the following vulnerability has been resolved:

dm ioctl: prevent potential spectre v1 gadget

It appears like cmd could be a Spectre v1 gadget as it's supplied by a
user and used as an array index. Prevent the contents of kernel memory
from being leaked to userspace via speculative execution by using
array_index_nospec.
Comment 1 Avinash Hanwate 2025-02-26 13:53:50 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2022-49122-b139@gregkh/T
Comment 4 Avinash Hanwate 2025-02-26 18:12:00 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2022-49122-b139@gregkh/T
Comment 8 errata-xmlrpc 2025-07-01 00:38:38 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support

Via RHSA-2025:10005 https://access.redhat.com/errata/RHSA-2025:10005
Comment 9 errata-xmlrpc 2025-07-01 01:03:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
  Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.6 Telecommunications Update Service

Via RHSA-2025:10009 https://access.redhat.com/errata/RHSA-2025:10009
Comment 10 errata-xmlrpc 2025-07-02 04:37:11 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2025:10179 https://access.redhat.com/errata/RHSA-2025:10179
Comment 11 errata-xmlrpc 2025-07-14 00:18:13 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:10829 https://access.redhat.com/errata/RHSA-2025:10829
Comment 12 errata-xmlrpc 2025-07-14 00:22:09 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions

Via RHSA-2025:10830 https://access.redhat.com/errata/RHSA-2025:10830
Note You need to log in before you can comment on or make changes to this bug.