CVE-2022-49551

7.1 HIGH

📋 TL;DR

This CVE describes an out-of-bounds array access vulnerability in the Linux kernel's USB ISP1760 host controller driver. The vulnerability allows reading beyond array boundaries, potentially leading to information disclosure or system instability. It affects Linux systems using the ISP1760 USB host controller driver.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions with the vulnerable ISP1760 driver code prior to the fix commits
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using the ISP1760 USB host controller hardware with the vulnerable driver code.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel memory corruption leading to system crash, privilege escalation, or information disclosure of kernel memory contents.

🟠 Likely Case: System instability, kernel panic, or information disclosure of adjacent kernel memory.

🟢 If Mitigated: Minimal impact if KASAN or similar memory sanitizers detect and prevent the out-of-bounds access.

🌐 Internet-Facing: LOW - Requires local access to the affected USB controller hardware.
🏢 Internal Only: MEDIUM - Local attackers with physical or privileged access could potentially exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and specific hardware (ISP1760 USB controller). The vulnerability is a read-only out-of-bounds access, limiting potential impact.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing the fix commits: 26ae2c942b5702f2e43d36b2a4389cfb7d616b6a, 463bddd3ff1acf4036ddb80c34a715eb99debf46, 47d39cb57e8669e507d17d9e0d067d2b3e3a87ae, bf2558bbdce3ab1d6bcba09f354914e4515d0a2b

Vendor Advisory: https://git.kernel.org/stable/c/26ae2c942b5702f2e43d36b2a4389cfb7d616b6a

Restart Required: Yes

Instructions:

1. Update Linux kernel to a version containing the fix commits.
2. Reboot the system to load the patched kernel.

🔧 Temporary Workarounds

Disable ISP1760 USB controller

Linux

Disable the vulnerable USB controller if not required

echo 'blacklist isp1760' >> /etc/modprobe.d/blacklist.conf
rmmod isp1760

🧯 If You Can't Patch

  • Disable the ISP1760 USB controller module if not needed
  • Implement strict access controls to prevent unauthorized local access to affected systems

🔍 How to Verify

Check if Vulnerable:

Check if the ISP1760 driver is loaded: lsmod | grep isp1760. Check kernel version against affected versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits or is newer than the patched versions. Check dmesg for KASAN errors related to isp1760.

📡 Detection & Monitoring

Log Indicators:

  • KASAN error messages mentioning isp1760_register
  • Kernel panic or oops messages related to USB or isp1760

Network Indicators:

  • None - this is a local hardware driver vulnerability

SIEM Query:

Search for kernel logs containing 'KASAN', 'isp1760', or 'out-of-bounds'
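
A tighter form of the search above, as an added example (not from the advisory or the kernel project): it reports only KASAN report headers whose faulting function is in the isp1760 driver, and contrasts that with the broad keyword match, which also counts routine driver messages. The sample log lines, their addresses and the ext4_example_fn symbol are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads kernel log text on stdin, e.g. from `dmesg` or `journalctl -k`.

# Broad search as worded in the SIEM query: count lines with any keyword.
page_query_hits() {
    grep -cE 'KASAN|isp1760|out-of-bounds'
}

# Narrow search: KASAN report headers ("BUG: KASAN: <type> in <func>+0x...")
# whose faulting function belongs to the isp1760 driver.
# Prints one "KASAN <type> <function>" line per report.
isp1760_kasan_hits() {
    sed -n 's/.*BUG: KASAN: \([a-z-]*\) in \(isp1760[A-Za-z0-9_]*\)+0x.*/KASAN \1 \2/p'
}

# Constructed sample log (timestamps, addresses and ext4_example_fn are made up).
sample_log() {
    cat <<'EOF'
[    1.000000] isp1760 constructed.usb: controller registered
[    1.100000] ==================================================================
[    1.100100] BUG: KASAN: global-out-of-bounds in isp1760_register+0x180/0x70c
[    1.100200] Read of size 20 at addr c1ffffff by task swapper/0/1
[    2.500000] BUG: KASAN: slab-out-of-bounds in ext4_example_fn+0x10/0x20
[    3.000000] usb 1-1: new high-speed USB device number 2 using isp1760-hcd
EOF
}

echo "broad keyword matches: $(sample_log | page_query_hits)"
echo "isp1760 KASAN reports:"
sample_log | isp1760_kasan_hits
```

On a live system, pipe the kernel log into `isp1760_kasan_hits` in place of `sample_log`; an empty result means no KASAN report named an isp1760 function, which is only meaningful on a kernel built with KASAN.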
