CVE-2022-48837
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: rndis: prevent integer overflow in rndis_set_response()
If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | ff0a90739925734c91c7e39befe3f4378e0c1369 < 8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b | affected |
| Linux | Linux | 4c22fbcef778badb00fb8bb9f409daa29811c175 < c7953cf03a26876d676145ce5d2ae6d8c9630b90 | affected |
| Linux | Linux | db9aaa3026298d652e98f777bc0f5756e2455dda < 138d4f739b35dfb40438a0d5d7054965763bfbe7 | affected |
| Linux | Linux | c9e952871ae47af784b4aef0a77db02e557074d6 < 21829376268397f9fd2c35cfa9135937b6aa3a1e | affected |
| Linux | Linux | fb4ff0f96de37c44236598e8b53fe43b1df36bf3 < 28bc0267399f42f987916a7174e2e32f0833cc65 | affected |
| Linux | Linux | 2da3b0ab54fb7f4d7c5a82757246d0ee33a47197 < 56b38e3ca4064041d93c1ca18828c8cedad2e16c | affected |
| Linux | Linux | 2724ebafda0a8df08a9cb91557d33226bee80f7b < df7e088d51cdf78b1a0bf1f3d405c2593295c7b0 | affected |
| Linux | Linux | 38ea1eac7d88072bbffb630e2b3db83ca649b826 < 65f3324f4b6fed78b8761c3b74615ecf0ffa81fa | affected |
| Linux | Linux | 4.9.302 < 4.9.308 | affected |
| Linux | Linux | 4.14.267 < 4.14.273 | affected |
| Linux | Linux | 4.19.230 < 4.19.236 | affected |
| Linux | Linux | 5.4.180 < 5.4.187 | affected |
| Linux | Linux | 5.10.101 < 5.10.108 | affected |
| Linux | Linux | 5.15.24 < 5.15.31 | affected |
| Linux | Linux | 5.16.10 < 5.16.17 | affected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b
- https://git.kernel.org/stable/c/c7953cf03a26876d676145ce5d2ae6d8c9630b90
- https://git.kernel.org/stable/c/138d4f739b35dfb40438a0d5d7054965763bfbe7
- https://git.kernel.org/stable/c/21829376268397f9fd2c35cfa9135937b6aa3a1e
- https://git.kernel.org/stable/c/28bc0267399f42f987916a7174e2e32f0833cc65
- https://git.kernel.org/stable/c/56b38e3ca4064041d93c1ca18828c8cedad2e16c
- https://git.kernel.org/stable/c/df7e088d51cdf78b1a0bf1f3d405c2593295c7b0
- https://git.kernel.org/stable/c/65f3324f4b6fed78b8761c3b74615ecf0ffa81fa
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b
- https://git.kernel.org/stable/c/c7953cf03a26876d676145ce5d2ae6d8c9630b90
- https://git.kernel.org/stable/c/138d4f739b35dfb40438a0d5d7054965763bfbe7
- https://git.kernel.org/stable/c/21829376268397f9fd2c35cfa9135937b6aa3a1e
- https://git.kernel.org/stable/c/28bc0267399f42f987916a7174e2e32f0833cc65
- https://git.kernel.org/stable/c/56b38e3ca4064041d93c1ca18828c8cedad2e16c
- https://git.kernel.org/stable/c/df7e088d51cdf78b1a0bf1f3d405c2593295c7b0
- https://git.kernel.org/stable/c/65f3324f4b6fed78b8761c3b74615ecf0ffa81fa
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.