CVE-2022-49659

Published: Feb 26, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits In commit 1be37d3b0414 ("can: m_can: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context") the RX path for peripheral devices was switched to RX-offload. Received CAN frames are pushed to RX-offload together with a timestamp. RX-offload is designed to handle overflows of the timestamp correctly, if 32 bit timestamps are provided. The timestamps of m_can core are only 16 bits wide. So this patch shifts them to full 32 bit before passing them to RX-offload.

Vendor	Product	Versions
Linux	Linux	affected `1be37d3b0414e3db47f6fcba6c16286bbae0cb65 - < c7333f79888497bfd75dcd02a94eaf836dd1042c` affected `1be37d3b0414e3db47f6fcba6c16286bbae0cb65 - < 2a2914a5bd7f38efe55a8372178146de82e0bce9` affected `1be37d3b0414e3db47f6fcba6c16286bbae0cb65 - < 4c3333693f07313f5f0145a922f14a7d3c0f4f21`
Linux	Linux	affected `5.13` unaffected `0 - < 5.13` unaffected `5.15.54 - <= 5.15.` unaffected `5.18.11 - <= 5.18.` unaffected `5.19 - <= *`

References

https://git.kernel.org/stable/c/c7333f79888497bfd75dcd02a94eaf836dd1042c

https://git.kernel.org/stable/c/2a2914a5bd7f38efe55a8372178146de82e0bce9

https://git.kernel.org/stable/c/4c3333693f07313f5f0145a922f14a7d3c0f4f21

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-49659

Description

Affected Products

References