Lucene search
LinuxVULNRICHMENT:CVE-2022-48938HistoryAug 22, 2024 - 3:31 a.m.
CVE-2022-48938 CDC-NCM: avoid overflow in sanity checking
2024-08-2203:31:33
Linux
github.com
1
cve-2022-48938
cdc-ncm
integer overflow
linux kernel
sanity checking
In the Linux kernel, the following vulnerability has been resolved:
CDC-NCM: avoid overflow in sanity checking
A broken device may give an extreme offset like 0xFFF0
and a reasonable length for a fragment. In the sanity
check as formulated now, this will create an integer
overflow, defeating the sanity check. Both offset
and offset + len need to be checked in such a manner
that no overflow can occur.
And those quantities should be unsigned.
Related
ubuntucve
ubuntucve
CVE-2022-48938
2024-08-22 00:00:00
debiancve
debiancve
CVE-2022-48938
2024-08-22 04:15:17
osv
osv
CVE-2022-48938
2024-08-22 04:15:17
Security update for the Linux Kernel
2024-09-12 13:26:12
Security update for the Linux Kernel
2024-09-10 08:45:03
cvelist
cvelist
CVE-2022-48938 CDC-NCM: avoid overflow in sanity checking
2024-08-22 03:31:33
nvd
nvd
CVE-2022-48938
2024-08-22 04:15:17
cve
cve
CVE-2022-48938
2024-08-22 04:15:17
redhatcve
redhatcve
CVE-2022-48938
2024-08-22 15:16:43
redos
redos
ROS-20240828-07
2024-08-28 00:00:00
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:3189-1)
2024-09-11 00:00:00
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:3251-1)
2024-09-17 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:3252-1)
2024-09-17 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:3252-1)
2024-09-17 00:00:00
AI Score
7
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2022-48938