CVE-2022-48938

MEDIUM EPSS 11.5%
Published Aug 22, 20241y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Aug 22, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overflow, defeating the sanity check. Both offset and offset + len need to be checked in such a manner that no overflow can occur. And those quantities should be unsigned.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
11.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-190 Integer Overflow or Wraparound Numeric Error

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel* <5.10.103
linuxlinux_kernel*≥5.11  –  <5.15.26
linuxlinux_kernel*≥5.16  –  <5.16.12

References 6

  • git.kernel.org https://git.kernel.org/stable/c/49909c9f8458cacb5b241106cba65aba5a6d8f4c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/69560efa001397ebb8dc1c3e6a3ce00302bb9f7f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7b737e47b87589031f0d4657f6d7b0b770474925
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8d2b1a1ec9f559d30b724877da4ce592edc41fdc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9957fbf34f52a4d8945d1bf39aae400ef9a11246
  • git.kernel.org https://git.kernel.org/stable/c/a612395c7631918e0e10ea48b9ce5ab4340f26a6

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/49909c9f8458cacb5b241106cba65aba5a6d8f4c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/69560efa001397ebb8dc1c3e6a3ce00302bb9f7f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7b737e47b87589031f0d4657f6d7b0b770474925
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8d2b1a1ec9f559d30b724877da4ce592edc41fdc
    Patch