CVE-2022-49643

Published: Feb 26, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ima: Fix a potential integer overflow in ima_appraise_measurement When the ima-modsig is enabled, the rc passed to evm_verifyxattr() may be negative, which may cause the integer overflow problem.

Vendor	Product	Versions
Linux	Linux	affected `39b07096364a42c516415d5f841069e885234e61 - < 388f3df7c3c8b7f2a32b9ae0a9b2f9f6ad3b1b77` affected `39b07096364a42c516415d5f841069e885234e61 - < 831e190175f10652be93b08436cc7bf2e62e4bb6` affected `39b07096364a42c516415d5f841069e885234e61 - < c8d5d81940938b5f6c0f495ca9538e7740416f30` affected `39b07096364a42c516415d5f841069e885234e61 - < 640cea4c2839a821adfbb703b590a5928abe9286` affected `39b07096364a42c516415d5f841069e885234e61 - < d2ee2cfc4aa85ff6a2a3b198a3a524ec54e3d999`
Linux	Linux	affected `5.4` unaffected `0 - < 5.4` unaffected `5.4.207 - <= 5.4.` unaffected `5.10.132 - <= 5.10.` unaffected `5.15.56 - <= 5.15.*` +2 more versions

References

https://git.kernel.org/stable/c/388f3df7c3c8b7f2a32b9ae0a9b2f9f6ad3b1b77

https://git.kernel.org/stable/c/831e190175f10652be93b08436cc7bf2e62e4bb6

https://git.kernel.org/stable/c/c8d5d81940938b5f6c0f495ca9538e7740416f30

https://git.kernel.org/stable/c/640cea4c2839a821adfbb703b590a5928abe9286

https://git.kernel.org/stable/c/d2ee2cfc4aa85ff6a2a3b198a3a524ec54e3d999

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-49643

Description

Affected Products

References