CVE-2022-49356

MEDIUM EPSS 14.9%
Published Feb 26, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Trap RDMA segment overflows Prevent svc_rdma_build_writes() from walking off the end of a Write chunk's segment array. Caught with KASAN. The test that this fix replaces is invalid, and might have been left over from an earlier prototype of the PCL work.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
14.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 4

VendorProductVersionRange
linuxlinux_kernel*≥5.11  –  <5.15.47
linuxlinux_kernel*≥5.16  –  <5.17.15
linuxlinux_kernel*≥5.18  –  <5.18.4
linuxlinux_kernel5.19any

References 4

  • git.kernel.org https://git.kernel.org/stable/c/659f7568e09593945c221bf20217a82ebdfe1328
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/812c13521d4a72469c78ce06d8cdc8dc5b5557b5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ea26bf5eca1459b5a7824997d7823409ce38214e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f012e95b377c73c0283f009823c633104dedb337
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/659f7568e09593945c221bf20217a82ebdfe1328
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/812c13521d4a72469c78ce06d8cdc8dc5b5557b5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ea26bf5eca1459b5a7824997d7823409ce38214e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f012e95b377c73c0283f009823c633104dedb337
    Patch