CVE-2022-48743
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUG_ON() triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length underflows are seen because of inconsistencies in the hardware descriptors.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.3CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Trends
Current EPSS score: 0.01%• Percentile: 2%
Techniques & Countermeasures
- CWE-787•Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
Affected Systems
- linux•linux
≥ fafc9555d87a19c78bcd43ed731c3a73bf0b37a9, < 9924c80bd484340191e586110ca22bff23a49f2e | ≥ 622c36f143fc9566ba49d7cec994c2da1182d9e2, < 617f9934bb37993b9813832516f318ba874bcb7d | ≥ 622c36f143fc9566ba49d7cec994c2da1182d9e2, < 34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26 | ≥ 622c36f143fc9566ba49d7cec994c2da1182d9e2, < 9892742f035f7aa7dcd2bb0750effa486db89576 | ≥ 622c36f143fc9566ba49d7cec994c2da1182d9e2, < 4d3fcfe8464838b3920bc2b939d888e0b792934e | ≥ 622c36f143fc9566ba49d7cec994c2da1182d9e2, < db6fd92316a254be2097556f01bccecf560e53ce | ≥ 622c36f143fc9566ba49d7cec994c2da1182d9e2, < e8f73f620fee5f52653ed2da360121e4446575c5 | ≥ 622c36f143fc9566ba49d7cec994c2da1182d9e2, < 5aac9108a180fc06e28d4e7fb00247ce603b72ee | ae43f9360a21b35cf785ae9a0fdce524d7af0938 | ae9d577f3dbb686862b7d0dc9cc73054f0964d4d | ≥ 4.9.19, < 4.9.300 | ≥ 4.4.58, < 4.5 | ≥ 4.10.7, < 4.11 | 4.11
- linux•linux_kernel
≥ 4.9.19, < 4.9.300 | ≥ 4.11, < 4.14.265 | ≥ 4.15, < 4.19.228 | ≥ 4.20, < 5.4.177 | ≥ 5.5, < 5.10.97 | ≥ 5.11, < 5.15.20 | ≥ 5.16, < 5.16.6
References (8)
- https://git.kernel.org/stable/c/9924c80bd484340191e586110ca22bff23a49f2e
- https://git.kernel.org/stable/c/617f9934bb37993b9813832516f318ba874bcb7d
- https://git.kernel.org/stable/c/34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26
- https://git.kernel.org/stable/c/9892742f035f7aa7dcd2bb0750effa486db89576
- https://git.kernel.org/stable/c/4d3fcfe8464838b3920bc2b939d888e0b792934e
- https://git.kernel.org/stable/c/db6fd92316a254be2097556f01bccecf560e53ce
- https://git.kernel.org/stable/c/e8f73f620fee5f52653ed2da360121e4446575c5
- https://git.kernel.org/stable/c/5aac9108a180fc06e28d4e7fb00247ce603b72ee