CVE-2022-48743
5.3
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: amd-xgbe: Fix skb data length underflow
There will be BUG_ON() triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected.
Fix this by dropping the packet if such length underflows are seen because of inconsistencies in the hardware descriptors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | fafc9555d87a19c78bcd43ed731c3a73bf0b37a9 < 9924c80bd484340191e586110ca22bff23a49f2e | affected |
| Linux | Linux | 622c36f143fc9566ba49d7cec994c2da1182d9e2 < 617f9934bb37993b9813832516f318ba874bcb7d | affected |
| Linux | Linux | 622c36f143fc9566ba49d7cec994c2da1182d9e2 < 34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26 | affected |
| Linux | Linux | 622c36f143fc9566ba49d7cec994c2da1182d9e2 < 9892742f035f7aa7dcd2bb0750effa486db89576 | affected |
| Linux | Linux | 622c36f143fc9566ba49d7cec994c2da1182d9e2 < 4d3fcfe8464838b3920bc2b939d888e0b792934e | affected |
| Linux | Linux | 622c36f143fc9566ba49d7cec994c2da1182d9e2 < db6fd92316a254be2097556f01bccecf560e53ce | affected |
| Linux | Linux | 622c36f143fc9566ba49d7cec994c2da1182d9e2 < e8f73f620fee5f52653ed2da360121e4446575c5 | affected |
| Linux | Linux | 622c36f143fc9566ba49d7cec994c2da1182d9e2 < 5aac9108a180fc06e28d4e7fb00247ce603b72ee | affected |
| Linux | Linux | ae43f9360a21b35cf785ae9a0fdce524d7af0938 | affected |
| Linux | Linux | ae9d577f3dbb686862b7d0dc9cc73054f0964d4d | affected |
| Linux | Linux | 4.9.19 < 4.9.300 | affected |
| Linux | Linux | 4.4.58 < 4.5 | affected |
| Linux | Linux | 4.10.7 < 4.11 | affected |
| Linux | Linux | 4.11 | affected |
| Linux | Linux | 0 < 4.11 | unaffected |
| Linux | Linux | 4.9.300 <= 4.9.* | unaffected |
| Linux | Linux | 4.14.265 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.228 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.177 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.97 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.20 <= 5.15.* | unaffected |
| Linux | Linux | 5.16.6 <= 5.16.* | unaffected |
| Linux | Linux | 5.17 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/9924c80bd484340191e586110ca22bff23a49f2e
- https://git.kernel.org/stable/c/617f9934bb37993b9813832516f318ba874bcb7d
- https://git.kernel.org/stable/c/34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26
- https://git.kernel.org/stable/c/9892742f035f7aa7dcd2bb0750effa486db89576
- https://git.kernel.org/stable/c/4d3fcfe8464838b3920bc2b939d888e0b792934e
- https://git.kernel.org/stable/c/db6fd92316a254be2097556f01bccecf560e53ce
- https://git.kernel.org/stable/c/e8f73f620fee5f52653ed2da360121e4446575c5
- https://git.kernel.org/stable/c/5aac9108a180fc06e28d4e7fb00247ce603b72ee
References
- https://git.kernel.org/stable/c/9924c80bd484340191e586110ca22bff23a49f2e
- https://git.kernel.org/stable/c/617f9934bb37993b9813832516f318ba874bcb7d
- https://git.kernel.org/stable/c/34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26
- https://git.kernel.org/stable/c/9892742f035f7aa7dcd2bb0750effa486db89576
- https://git.kernel.org/stable/c/4d3fcfe8464838b3920bc2b939d888e0b792934e
- https://git.kernel.org/stable/c/db6fd92316a254be2097556f01bccecf560e53ce
- https://git.kernel.org/stable/c/e8f73f620fee5f52653ed2da360121e4446575c5
- https://git.kernel.org/stable/c/5aac9108a180fc06e28d4e7fb00247ce603b72ee
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.