[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-48687":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":61,"related":62,"reserved_at":9,"published_at":77,"modified_at":78,"state":79,"summary":80,"references_raw":89,"kevs":120,"epss":121,"epss_history":124,"metrics":347,"affected":353},"CVE-2022-48687","In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix out-of-bounds read when setting HMAC data.\n\nThe SRv6 layer allows defining HMAC data that can later be used to sign IPv6\nSegment Routing Headers. This configuration is realised via netlink through\nfour attributes: SEG6_ATTR_HMACKEYID, SEG6_ATTR_SECRET, SEG6_ATTR_SECRETLEN and\nSEG6_ATTR_ALGID. Because the SECRETLEN attribute is decoupled from the actual\nlength of the SECRET attribute, it is possible to provide invalid combinations\n(e.g., secret = \"\", secretlen = 64). This case is not checked in the code and\nwith an appropriately crafted netlink message, an out-of-bounds read of up\nto 64 bytes (max secret length) can occur past the skb end pointer and into\nskb_shared_info:\n\nBreakpoint 1, seg6_genl_sethmac (skb=\u003Coptimized out>, info=\u003Coptimized out>) at net/ipv6/seg6.c:208\n208\t\tmemcpy(hinfo->secret, secret, slen);\n(gdb) bt\n #0  seg6_genl_sethmac (skb=\u003Coptimized out>, info=\u003Coptimized out>) at net/ipv6/seg6.c:208\n #1  0xffffffff81e012e9 in genl_family_rcv_msg_doit (skb=skb@entry=0xffff88800b1f9f00, nlh=nlh@entry=0xffff88800b1b7600,\n    extack=extack@entry=0xffffc90000ba7af0, ops=ops@entry=0xffffc90000ba7a80, hdrlen=4, net=0xffffffff84237580 \u003Cinit_net>, family=\u003Coptimized out>,\n    family=\u003Coptimized out>) at net/netlink/genetlink.c:731\n #2  0xffffffff81e01435 in genl_family_rcv_msg (extack=0xffffc90000ba7af0, nlh=0xffff88800b1b7600, skb=0xffff88800b1f9f00,\n    family=0xffffffff82fef6c0 \u003Cseg6_genl_family>) at net/netlink/genetlink.c:775\n #3  genl_rcv_msg (skb=0xffff88800b1f9f00, nlh=0xffff88800b1b7600, extack=0xffffc90000ba7af0) at net/netlink/genetlink.c:792\n #4  0xffffffff81dfffc3 in netlink_rcv_skb (skb=skb@entry=0xffff88800b1f9f00, cb=cb@entry=0xffffffff81e01350 \u003Cgenl_rcv_msg>)\n    at net/netlink/af_netlink.c:2501\n #5  0xffffffff81e00919 in genl_rcv (skb=0xffff88800b1f9f00) at net/netlink/genetlink.c:803\n #6  0xffffffff81dff6ae in netlink_unicast_kernel (ssk=0xffff888010eec800, skb=0xffff88800b1f9f00, sk=0xffff888004aed000)\n    at net/netlink/af_netlink.c:1319\n #7  netlink_unicast (ssk=ssk@entry=0xffff888010eec800, skb=skb@entry=0xffff88800b1f9f00, portid=portid@entry=0, nonblock=\u003Coptimized out>)\n    at net/netlink/af_netlink.c:1345\n #8  0xffffffff81dff9a4 in netlink_sendmsg (sock=\u003Coptimized out>, msg=0xffffc90000ba7e48, len=\u003Coptimized out>) at net/netlink/af_netlink.c:1921\n...\n(gdb) p/x ((struct sk_buff *)0xffff88800b1f9f00)->head + ((struct sk_buff *)0xffff88800b1f9f00)->end\n$1 = 0xffff88800b1b76c0\n(gdb) p/x secret\n$2 = 0xffff88800b1b76c0\n(gdb) p slen\n$3 = 64 '@'\n\nThe OOB data can then be read back from userspace by dumping HMAC state. This\ncommit fixes this by ensuring SECRETLEN cannot exceed the actual length of\nSECRET.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59],{"_key":28},"SUSE-SU-2024:1644-1",{"_key":30},"SUSE-SU-2024:1659-1",{"_key":32},"SUSE-SU-2024:1642-1",{"_key":34},"SUSE-SU-2024:1643-1",{"_key":36},"SUSE-SU-2024:1645-1",{"_key":38},"SUSE-SU-2024:1646-1",{"_key":40},"SUSE-SU-2024:1650-1",{"_key":42},"SUSE-SU-2024:1870-1",{"_key":44},"SUSE-SU-2024:2091-1",{"_key":46},"SUSE-SU-2024:2216-1",{"_key":48},"SUSE-SU-2025:0231-1",{"_key":50},"SUSE-SU-2024:1663-1",{"_key":52},"SUSE-SU-2024:2011-1",{"_key":54},"SUSE-SU-2024:2189-1",{"_key":56},"DEBIAN-CVE-2022-48687",{"_key":58},"RHSA-2024:6753",{"_key":60},"UBUNTU-CVE-2022-48687",[],[63,64,65,66,67,68,69,70,71,72,73,74,75,76],{"_key":28},{"_key":30},{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":48},{"_key":50},{"_key":52},{"_key":54},"2024-05-03T14:59:32.099Z","2026-05-11T18:45:00.928Z","Modified",{"cisa_kev":81,"cisa_ransomware":81,"cisa_vendor":9,"epss_severity":82,"epss_score":83,"severity":84,"severity_score":85,"severity_version":86,"severity_source":87,"severity_vector":88,"severity_status":79},false,"low",0.00013,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",[90,96,100,104,108,112,116],{"url":91,"sources":92,"tags":94},"https://git.kernel.org/stable/c/dc9dbd65c803af1607484fed5da50d41dc8dd864",[93,87],"cve.org",[95],"Patch",{"url":97,"sources":98,"tags":99},"https://git.kernel.org/stable/c/f684c16971ed5e77dfa25a9ad25b5297e1f58eab",[93,87],[95],{"url":101,"sources":102,"tags":103},"https://git.kernel.org/stable/c/3df71e11a4773d775c3633c44319f7acdb89011c",[93,87],[95],{"url":105,"sources":106,"tags":107},"https://git.kernel.org/stable/c/076f2479fc5a15c4a970ca3b5e57d42ba09a31fa",[93,87],[95],{"url":109,"sources":110,"tags":111},"https://git.kernel.org/stable/c/55195563ec29f80f984237b743de0e2b6ba4d093",[93,87],[95],{"url":113,"sources":114,"tags":115},"https://git.kernel.org/stable/c/56ad3f475482bca55b0ae544031333018eb145b3",[93,87],[95],{"url":117,"sources":118,"tags":119},"https://git.kernel.org/stable/c/84a53580c5d2138c7361c7c3eea5b31827e63b35",[93,87],[95],[],{"date":122,"score":83,"percentile":123},"2026-06-03",0.02466,[125,129,132,134,136,138,141,144,147,149,151,153,155,158,161,165,168,171,174,177,179,181,183,185,187,189,192,195,197,200,203,206,209,211,213,216,219,222,225,228,230,233,236,238,240,243,245,247,249,252,255,258,260,263,266,268,271,273,275,277,279,281,283,286,288,290,292,294,296,298,300,302,304,306,308,310,313,315,317,319,321,323,325,327,329,332,335,338,341,344],{"date":126,"score":127,"percentile":128},"2025-11-04",0.00008,0.0048,{"date":130,"score":127,"percentile":131},"2025-11-05",0.00479,{"date":133,"score":127,"percentile":128},"2025-11-06",{"date":135,"score":127,"percentile":128},"2025-11-07",{"date":137,"score":127,"percentile":131},"2025-11-08",{"date":139,"score":127,"percentile":140},"2025-11-09",0.00477,{"date":142,"score":127,"percentile":143},"2025-11-10",0.00476,{"date":145,"score":127,"percentile":146},"2025-11-11",0.00478,{"date":148,"score":127,"percentile":143},"2025-11-12",{"date":150,"score":127,"percentile":143},"2025-11-13",{"date":152,"score":127,"percentile":140},"2025-11-14",{"date":154,"score":127,"percentile":143},"2025-11-15",{"date":156,"score":127,"percentile":157},"2025-11-16",0.00475,{"date":159,"score":127,"percentile":160},"2025-11-17",0.00474,{"date":162,"score":163,"percentile":164},"2025-11-18",0.00071,0.17831,{"date":166,"score":163,"percentile":167},"2025-11-19",0.17853,{"date":169,"score":163,"percentile":170},"2025-11-20",0.17827,{"date":172,"score":127,"percentile":173},"2025-11-21",0.00482,{"date":175,"score":127,"percentile":176},"2025-11-22",0.00481,{"date":178,"score":127,"percentile":176},"2025-11-23",{"date":180,"score":127,"percentile":128},"2025-11-24",{"date":182,"score":127,"percentile":146},"2025-11-25",{"date":184,"score":127,"percentile":140},"2025-11-26",{"date":186,"score":127,"percentile":140},"2025-11-27",{"date":188,"score":127,"percentile":173},"2025-11-28",{"date":190,"score":127,"percentile":191},"2025-11-29",0.00488,{"date":193,"score":127,"percentile":194},"2025-11-30",0.00489,{"date":196,"score":127,"percentile":191},"2025-12-01",{"date":198,"score":127,"percentile":199},"2025-12-02",0.00487,{"date":201,"score":127,"percentile":202},"2025-12-03",0.0049,{"date":204,"score":127,"percentile":205},"2025-12-04",0.00494,{"date":207,"score":127,"percentile":208},"2025-12-05",0.00498,{"date":210,"score":127,"percentile":208},"2025-12-06",{"date":212,"score":127,"percentile":208},"2025-12-07",{"date":214,"score":127,"percentile":215},"2025-12-08",0.00502,{"date":217,"score":127,"percentile":218},"2025-12-09",0.00516,{"date":220,"score":127,"percentile":221},"2025-12-10",0.00517,{"date":223,"score":127,"percentile":224},"2025-12-11",0.00519,{"date":226,"score":127,"percentile":227},"2025-12-12",0.00525,{"date":229,"score":127,"percentile":227},"2025-12-13",{"date":231,"score":127,"percentile":232},"2025-12-14",0.00524,{"date":234,"score":127,"percentile":235},"2025-12-15",0.00522,{"date":237,"score":127,"percentile":232},"2025-12-16",{"date":239,"score":127,"percentile":227},"2025-12-17",{"date":241,"score":127,"percentile":242},"2025-12-18",0.0052,{"date":244,"score":127,"percentile":242},"2025-12-19",{"date":246,"score":127,"percentile":242},"2025-12-20",{"date":248,"score":127,"percentile":224},"2025-12-21",{"date":250,"score":127,"percentile":251},"2025-12-22",0.00521,{"date":253,"score":127,"percentile":254},"2025-12-23",0.00526,{"date":256,"score":127,"percentile":257},"2025-12-24",0.00527,{"date":259,"score":127,"percentile":257},"2025-12-25",{"date":261,"score":127,"percentile":262},"2025-12-26",0.00531,{"date":264,"score":127,"percentile":265},"2025-12-27",0.0053,{"date":267,"score":127,"percentile":262},"2025-12-28",{"date":269,"score":127,"percentile":270},"2025-12-29",0.00529,{"date":272,"score":127,"percentile":257},"2025-12-30",{"date":274,"score":127,"percentile":227},"2025-12-31",{"date":276,"score":127,"percentile":257},"2026-01-01",{"date":278,"score":127,"percentile":262},"2026-01-02",{"date":280,"score":127,"percentile":262},"2026-01-03",{"date":282,"score":127,"percentile":224},"2026-01-04",{"date":284,"score":127,"percentile":285},"2026-01-05",0.00523,{"date":287,"score":127,"percentile":235},"2026-01-06",{"date":289,"score":127,"percentile":251},"2026-01-07",{"date":291,"score":127,"percentile":285},"2026-01-08",{"date":293,"score":127,"percentile":270},"2026-01-09",{"date":295,"score":127,"percentile":265},"2026-01-10",{"date":297,"score":127,"percentile":265},"2026-01-11",{"date":299,"score":127,"percentile":257},"2026-01-12",{"date":301,"score":127,"percentile":254},"2026-01-13",{"date":303,"score":127,"percentile":254},"2026-01-14",{"date":305,"score":127,"percentile":254},"2026-01-15",{"date":307,"score":127,"percentile":257},"2026-01-16",{"date":309,"score":127,"percentile":257},"2026-01-17",{"date":311,"score":127,"percentile":312},"2026-01-18",0.00528,{"date":314,"score":127,"percentile":254},"2026-01-19",{"date":316,"score":127,"percentile":232},"2026-01-20",{"date":318,"score":127,"percentile":235},"2026-01-21",{"date":320,"score":127,"percentile":251},"2026-01-22",{"date":322,"score":127,"percentile":254},"2026-01-23",{"date":324,"score":127,"percentile":312},"2026-01-24",{"date":326,"score":127,"percentile":265},"2026-01-25",{"date":328,"score":127,"percentile":262},"2026-01-26",{"date":330,"score":127,"percentile":331},"2026-01-27",0.00537,{"date":333,"score":127,"percentile":334},"2026-01-28",0.00538,{"date":336,"score":127,"percentile":337},"2026-01-29",0.00541,{"date":339,"score":127,"percentile":340},"2026-01-30",0.00551,{"date":342,"score":127,"percentile":343},"2026-01-31",0.00554,{"date":345,"score":127,"percentile":346},"2026-02-01",0.00557,[348],{"source":87,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":349,"cvss_v4_0":9},{"baseScore":85,"baseSeverity":350,"vectorString":88,"impactScore":351,"exploitabilityScore":352},"MEDIUM",6,4.6,[354,386],{"ecosystem":9,"name":355,"vendor":356,"product":356,"cpe_part":357,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":358},"Linux","linux","a",[359,366,369,372,375,378,381,384],{"version":360,"is_range":361,"range_type":93,"version_start":362,"version_start_type":363,"version_end":364,"version_end_type":365,"fixed_in":9},">= 4f4853dc1c9c1994f6f756eabdcc25374ff271d9, \u003C dc9dbd65c803af1607484fed5da50d41dc8dd864",true,"4f4853dc1c9c1994f6f756eabdcc25374ff271d9","including","dc9dbd65c803af1607484fed5da50d41dc8dd864","excluding",{"version":367,"is_range":361,"range_type":93,"version_start":362,"version_start_type":363,"version_end":368,"version_end_type":365,"fixed_in":9},">= 4f4853dc1c9c1994f6f756eabdcc25374ff271d9, \u003C f684c16971ed5e77dfa25a9ad25b5297e1f58eab","f684c16971ed5e77dfa25a9ad25b5297e1f58eab",{"version":370,"is_range":361,"range_type":93,"version_start":362,"version_start_type":363,"version_end":371,"version_end_type":365,"fixed_in":9},">= 4f4853dc1c9c1994f6f756eabdcc25374ff271d9, \u003C 3df71e11a4773d775c3633c44319f7acdb89011c","3df71e11a4773d775c3633c44319f7acdb89011c",{"version":373,"is_range":361,"range_type":93,"version_start":362,"version_start_type":363,"version_end":374,"version_end_type":365,"fixed_in":9},">= 4f4853dc1c9c1994f6f756eabdcc25374ff271d9, \u003C 076f2479fc5a15c4a970ca3b5e57d42ba09a31fa","076f2479fc5a15c4a970ca3b5e57d42ba09a31fa",{"version":376,"is_range":361,"range_type":93,"version_start":362,"version_start_type":363,"version_end":377,"version_end_type":365,"fixed_in":9},">= 4f4853dc1c9c1994f6f756eabdcc25374ff271d9, \u003C 55195563ec29f80f984237b743de0e2b6ba4d093","55195563ec29f80f984237b743de0e2b6ba4d093",{"version":379,"is_range":361,"range_type":93,"version_start":362,"version_start_type":363,"version_end":380,"version_end_type":365,"fixed_in":9},">= 4f4853dc1c9c1994f6f756eabdcc25374ff271d9, \u003C 56ad3f475482bca55b0ae544031333018eb145b3","56ad3f475482bca55b0ae544031333018eb145b3",{"version":382,"is_range":361,"range_type":93,"version_start":362,"version_start_type":363,"version_end":383,"version_end_type":365,"fixed_in":9},">= 4f4853dc1c9c1994f6f756eabdcc25374ff271d9, \u003C 84a53580c5d2138c7361c7c3eea5b31827e63b35","84a53580c5d2138c7361c7c3eea5b31827e63b35",{"version":385,"is_range":81,"range_type":93,"version_start":385,"version_start_type":363,"version_end":385,"version_end_type":363,"fixed_in":9},"4.10",{"ecosystem":9,"name":387,"vendor":356,"product":388,"cpe_part":389,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":390},"linux kernel","linux_kernel","o",[391,395,399,403,407,411],{"version":392,"is_range":361,"range_type":393,"version_start":385,"version_start_type":363,"version_end":394,"version_end_type":365,"fixed_in":9},"gte4.10_lt4.14.298","cpe","4.14.298",{"version":396,"is_range":361,"range_type":393,"version_start":397,"version_start_type":363,"version_end":398,"version_end_type":365,"fixed_in":9},"gte4.15_lt4.19.258","4.15","4.19.258",{"version":400,"is_range":361,"range_type":393,"version_start":401,"version_start_type":363,"version_end":402,"version_end_type":365,"fixed_in":9},"gte4.20_lt5.4.213","4.20","5.4.213",{"version":404,"is_range":361,"range_type":393,"version_start":405,"version_start_type":363,"version_end":406,"version_end_type":365,"fixed_in":9},"gte5.5_lt5.10.143","5.5","5.10.143",{"version":408,"is_range":361,"range_type":393,"version_start":409,"version_start_type":363,"version_end":410,"version_end_type":365,"fixed_in":9},"gte5.11_lt5.15.68","5.11","5.15.68",{"version":412,"is_range":361,"range_type":393,"version_start":413,"version_start_type":363,"version_end":414,"version_end_type":365,"fixed_in":9},"gte5.16_lt5.19.9","5.16","5.19.9"]