CVE-2022-48938

{"id": "CVE-2022-48938", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-08-22T04:15:17.787", "references": [{"url": "https://git.kernel.org/stable/c/49909c9f8458cacb5b241106cba65aba5a6d8f4c", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/69560efa001397ebb8dc1c3e6a3ce00302bb9f7f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/7b737e47b87589031f0d4657f6d7b0b770474925", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/8d2b1a1ec9f559d30b724877da4ce592edc41fdc", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/9957fbf34f52a4d8945d1bf39aae400ef9a11246", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a612395c7631918e0e10ea48b9ce5ab4340f26a6", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nCDC-NCM: avoid overflow in sanity checking\n\nA broken device may give an extreme offset like 0xFFF0\nand a reasonable length for a fragment. In the sanity\ncheck as formulated now, this will create an integer\noverflow, defeating the sanity check. Both offset\nand offset + len need to be checked in such a manner\nthat no overflow can occur.\nAnd those quantities should be unsigned."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: CDC-NCM: evitar desbordamiento en la comprobaci\u00f3n de cordura Un dispositivo roto puede dar un desplazamiento extremo como 0xFFF0 y una longitud razonable para un fragmento. En la verificaci\u00f3n de cordura tal como est\u00e1 formulada ahora, esto crear\u00e1 un desbordamiento de enteros, anulando la verificaci\u00f3n de cordura. Tanto el desplazamiento como el desplazamiento + len deben comprobarse de tal manera que no pueda producirse un desbordamiento. Y esas cantidades deber\u00edan estar sin firmar."}], "lastModified": "2024-11-08T16:15:17.730", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E2EF203-0F7F-41A9-9684-671AAD1D37A1", "versionEndExcluding": "5.10.103"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AB342AE-A62E-4947-A6EA-511453062B2B", "versionEndExcluding": "5.15.26", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C76BAB21-7F23-4AD8-A25F-CA7B262A2698", "versionEndExcluding": "5.16.12", "versionStartIncluding": "5.16"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}