DEBIAN-CVE-2022-48627

Advisory lineage Upstream: 1 Downstream: 1

Upstream

CVE-2022-48627

Downstream

DLA-3840-1

Published: 02 Mar 2024, 22:15

Last modified:28 Apr 2026, 20:24

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

3.1 (osv_debian)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

02 Mar 2024, 22:15

Published

Vulnerability first disclosed

28 Apr 2026, 20:24

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to memcpy because memcpy does not ensure its behavior if the destination buffer overlaps with the source buffer. The line buffer is not always broken, because the memcpy utilizes the hardware acceleration, whose result is not deterministic. Fix this problem by using replacing the scr_memcpyw with scr_memmovew.

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Systems

debian•linux
< 5.10.136-1 | < 5.18.14-1 | < 5.18.14-1 | < 5.18.14-1

References (1)

https://security-tracker.debian.org/tracker/CVE-2022-48627