5.5

CVE-2022-48938

CDC-NCM: avoid overflow in sanity checking

In the Linux kernel, the following vulnerability has been resolved:

CDC-NCM: avoid overflow in sanity checking

A broken device may give an extreme offset like 0xFFF0
and a reasonable length for a fragment. In the sanity
check as formulated now, this will create an integer
overflow, defeating the sanity check. Both offset
and offset + len need to be checked in such a manner
that no overflow can occur.
And those quantities should be unsigned.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.10.103
LinuxLinux Kernel Version >= 5.11 < 5.15.26
LinuxLinux Kernel Version >= 5.16 < 5.16.12
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.114
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://git.kernel.org/stable/c/49909c9f8458cacb5b241106cba65aba5a6d8f4c
Patch
https://git.kernel.org/stable/c/69560efa001397ebb8dc1c3e6a3ce00302bb9f7f
Patch
https://git.kernel.org/stable/c/7b737e47b87589031f0d4657f6d7b0b770474925
Patch
https://git.kernel.org/stable/c/8d2b1a1ec9f559d30b724877da4ce592edc41fdc
Patch
https://git.kernel.org/stable/c/9957fbf34f52a4d8945d1bf39aae400ef9a11246
https://git.kernel.org/stable/c/a612395c7631918e0e10ea48b9ce5ab4340f26a6