CVE-2022-49058
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
cifs: potential buffer overflow in handling symlinks
Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error: __memcpy() 'dctx->buf' too small (16 vs u32max)
It's caused because Smatch marks 'link_len' as untrusted since it comes from sscanf(). Add a check to ensure that 'link_len' is not larger than the size of the 'link_str' buffer.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | c69c1b6eaea1b3e1eecf7ad2fba0208ac4a11131 < 3e582749e742e662a8e9bb37cffac62dccaaa1e2 | affected |
| Linux | Linux | c69c1b6eaea1b3e1eecf7ad2fba0208ac4a11131 < 1316c28569a80ab3596eeab05bf5e01991e7e739 | affected |
| Linux | Linux | c69c1b6eaea1b3e1eecf7ad2fba0208ac4a11131 < eb5f51756944735ac70cd8bb38637cc202e29c91 | affected |
| Linux | Linux | c69c1b6eaea1b3e1eecf7ad2fba0208ac4a11131 < 22d658c6c5affed10c8907e67160cef0b6c92186 | affected |
| Linux | Linux | c69c1b6eaea1b3e1eecf7ad2fba0208ac4a11131 < 4e166a41180be2f1e66bbb6d46448e80a9a5ec05 | affected |
| Linux | Linux | c69c1b6eaea1b3e1eecf7ad2fba0208ac4a11131 < 9901b07ba42b39266b34a888e48d7306fd707bee | affected |
| Linux | Linux | c69c1b6eaea1b3e1eecf7ad2fba0208ac4a11131 < 515e7ba11ef043d6febe69389949c8ef5f25e9d0 | affected |
| Linux | Linux | c69c1b6eaea1b3e1eecf7ad2fba0208ac4a11131 < 64c4a37ac04eeb43c42d272f6e6c8c12bfcf4304 | affected |
| Linux | Linux | 2.6.37 | affected |
| Linux | Linux | 0 < 2.6.37 | unaffected |
| Linux | Linux | 4.9.311 <= 4.9.* | unaffected |
| Linux | Linux | 4.14.276 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.239 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.190 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.112 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.35 <= 5.15.* | unaffected |
| Linux | Linux | 5.17.4 <= 5.17.* | unaffected |
| Linux | Linux | 5.18 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://git.kernel.org/stable/c/3e582749e742e662a8e9bb37cffac62dccaaa1e2
- https://git.kernel.org/stable/c/1316c28569a80ab3596eeab05bf5e01991e7e739
- https://git.kernel.org/stable/c/eb5f51756944735ac70cd8bb38637cc202e29c91
- https://git.kernel.org/stable/c/22d658c6c5affed10c8907e67160cef0b6c92186
- https://git.kernel.org/stable/c/4e166a41180be2f1e66bbb6d46448e80a9a5ec05
- https://git.kernel.org/stable/c/9901b07ba42b39266b34a888e48d7306fd707bee
- https://git.kernel.org/stable/c/515e7ba11ef043d6febe69389949c8ef5f25e9d0
- https://git.kernel.org/stable/c/64c4a37ac04eeb43c42d272f6e6c8c12bfcf4304
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.