CVE-2022-49845

Severity: MEDIUM (CVSS 3.1 base score 5.5) · EPSS 7.3%
Published May 1, 2025 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

can: j1939: j1939_send_one(): fix missing CAN header initialization

The read access to struct canxl_frame::len inside of a j1939 created skbuff revealed a missing initialization of reserved and later filled elements in struct can_frame.

This patch initializes the 8 byte CAN header with zero.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 7.3% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Weaknesses 1

CWE-908

Affected Products 8

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥5.4 – <5.4.225
linux    linux_kernel   *         ≥5.5 – <5.10.155
linux    linux_kernel   *         ≥5.11 – <5.15.79
linux    linux_kernel   *         ≥5.16 – <6.0.9
linux    linux_kernel   6.1       any
linux    linux_kernel   6.1       any
linux    linux_kernel   6.1       any
linux    linux_kernel   6.1       any

References 5

  • git.kernel.org https://git.kernel.org/stable/c/2719f82ad5d8199cf5f346ea8bb3998ad5323b72
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3eb3d283e8579a22b81dd2ac3987b77465b2a22f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/69e86c6268d59ceddd0abe9ae8f1f5296f316c3c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d0513b095e1ef1469718564dec3fb3348556d0a8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f8e0edeaa0f2b860bdbbf0aafb4492533043d650
    Patch
