CVE-2022-48938
Published: Aug 22, 2024
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

CDC-NCM: avoid overflow in sanity checking

A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overflow, defeating the sanity check. Both offset and offset + len need to be checked in such a manner that no overflow can occur. And those quantities should be unsigned.
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 4ca8b8855264cf1439cdab3da7049bd1e3c2a9e6 - < a612395c7631918e0e10ea48b9ce5ab4340f26a6; affected a270ca35a9499b58366d696d3290eaa4697a42db - < 9957fbf34f52a4d8945d1bf39aae400ef9a11246; affected 0fa81b304a7973a499f844176ca031109487dd31 - < 69560efa001397ebb8dc1c3e6a3ce00302bb9f7f; affected 0fa81b304a7973a499f844176ca031109487dd31 - < 49909c9f8458cacb5b241106cba65aba5a6d8f4c; affected 0fa81b304a7973a499f844176ca031109487dd31 - < 7b737e47b87589031f0d4657f6d7b0b770474925; +5 more versions |
| Linux | Linux | affected 5.7; unaffected 0 - < 5.7; unaffected 4.19.323 - <= 4.19.*; unaffected 5.4.285 - <= 5.4.*; unaffected 5.10.103 - <= 5.10.*; +3 more versions |
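
The overflow from the description, as an added example that is not the kernel driver's code: a simplified model comparing a sum-based bounds check that wraps with one ordered so that no overflow can occur. The 16-bit field width, the function names and the 2048-byte buffer are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Sum-based check (hypothetical model). The sum is held in a 16-bit
 * variable, so offset + len wraps modulo 65536 and an extreme offset
 * can produce an "end" that looks like it lies inside the buffer. */
static bool fragment_ok_naive(uint16_t offset, uint16_t len, uint16_t buf_len)
{
    uint16_t end = (uint16_t)(offset + len);
    return end <= buf_len;
}

/* Overflow-safe check (hypothetical model). Reject an out-of-range offset
 * first; after that, buf_len - offset cannot underflow, so len can be
 * compared against the space that actually remains. All values unsigned. */
static bool fragment_ok_safe(uint16_t offset, uint16_t len, uint16_t buf_len)
{
    if (offset > buf_len)
        return false;
    return len <= (uint16_t)(buf_len - offset);
}

int main(void)
{
    /* Constructed sample inputs: {offset, len} against a 2048-byte buffer. */
    const uint16_t buf_len = 2048;
    const uint16_t cases[][2] = {
        { 100,    64 },   /* ordinary fragment inside the buffer   */
        { 2000,   64 },   /* runs 16 bytes past the end            */
        { 2048,   0  },   /* empty fragment exactly at the end     */
        { 0xFFF0, 64 },   /* extreme offset with reasonable length */
    };

    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        uint16_t off = cases[i][0], len = cases[i][1];
        printf("offset=0x%04X len=%u naive=%s safe=%s\n",
               (unsigned)off, (unsigned)len,
               fragment_ok_naive(off, len, buf_len) ? "accept" : "reject",
               fragment_ok_safe(off, len, buf_len) ? "accept" : "reject");
    }
    return 0;
}
```

Only the last case separates the two checks: the wrapped sum is 0x0030, so the sum-based check accepts a fragment whose offset is far outside the buffer.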