CVE-2022-49997

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: lantiq_xrx200: restore buffer if memory allocation failed

In a situation where memory allocation fails, an invalid buffer address is stored. When this descriptor is used again, the system panics in the build_skb() function when accessing memory.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7ea6cd16f1599c1eac6018751eadbc5fc736b99a < 3ef2786e32d93e562cd40601248a14ae090de873affected
LinuxLinux7ea6cd16f1599c1eac6018751eadbc5fc736b99a < c9c3b1775f80fa21f5bff874027d2ccb10f5d90caffected
LinuxLinux217395c5ab15e92a4fd84fe77fab6b0b1bb4e456affected
LinuxLinux70c8418469fb22a679fe5015ebe60fe15011ea43affected
LinuxLinux5e006cdb9b759f604c4fc69b410aab37cf45f5b4affected
LinuxLinux5.4.128 < 5.5affected
LinuxLinux5.10.46 < 5.11affected
LinuxLinux5.12.13 < 5.13affected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.19.6 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References