CVE-2022-49035

EPSS 0.03%
Published 02.01.2025 15:15:18
Last modified 01.10.2025 20:15:43
Source 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Open
Login

In the Linux kernel, the following vulnerability has been resolved:

media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE

I expect that the hardware will have limited this to 16, but just in
case it hasn't, check for this corner case.

Affected products Warnungen 0 Metrics 3 CWE 1 References 11

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 4.9.333

Linux ≫ Linux Kernel Version >= 4.10 < 4.14.299

Linux ≫ Linux Kernel Version >= 4.15 < 4.19.265

Linux ≫ Linux Kernel Version >= 4.20 < 5.4.224

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.154

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.78

Linux ≫ Linux Kernel Version >= 5.16 < 6.0.8

Linux ≫ Linux Kernel Version6.1 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.067

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

https://git.kernel.org/stable/c/1609231f86760c1f6a429de7913dd795b9faa08c

Patch

https://git.kernel.org/stable/c/2654e785bd4aa2439cdffbe7dc1ea30a0eddbfe4

Patch

https://git.kernel.org/stable/c/4a449430ecfb199b99ba58af63c467eb53500b39

Patch

https://git.kernel.org/stable/c/7ccb40f26cbefa1c6dfd3418bea54c9518cdbd8a

Patch

https://git.kernel.org/stable/c/93f65ce036863893c164ca410938e0968964b26c

Patch

https://git.kernel.org/stable/c/a2728bf9b6c65e46468c763e3dab7e04839d4e11

Patch