Fix Off by One in BIOS Boundary Checking

CVE-2022-48732

What is CVE-2022-48732?

A vulnerability exists within the Linux kernel's DRM Nouveau driver that compromises the boundary checking during the parsing of initialization scripts embedded in the BIOS. This flaw specifically affects Apple eMac systems equipped with GeForce 2 MX GPUs, where the driver initialization fails due to the rejection of access to the final byte of the memory allocation. This behavior is particularly prevalent on systems utilizing OpenFirmware, such as PowerPC Macs, as these machines utilize a BIOS image that contains only the utilized segments of the ROM, unlike typical PCs that generally include padded empty bytes. The result is a failure in providing a functional console, which can hinder system usability in affected machines.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References