CVE-2022-49870
Published: May 1, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAP_TO_MASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds in security/commoncap.c:1252:2 left shift of 1 by 31 places cannot be represented in type 'int' Call Trace: <TASK> dump_stack_lvl+0x7d/0xa5 dump_stack+0x15/0x1b ubsan_epilogue+0xe/0x4e __ubsan_handle_shift_out_of_bounds+0x1e7/0x20c cap_task_prctl+0x561/0x6f0 security_task_prctl+0x5a/0xb0 __x64_sys_prctl+0x61/0x8f0 do_syscall_64+0x58/0x80 entry_SYSCALL_64_after_hwframe+0x63/0xcd </TASK>
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e338d263a76af78fe8f38a72131188b58fceb591 - < 5b79fa628e2ab789e629a83cd211ef9b4c1a593eaffected e338d263a76af78fe8f38a72131188b58fceb591 - < 65b0bc7a0690861812ade523d19f82688ab819dcaffected e338d263a76af78fe8f38a72131188b58fceb591 - < dbaab08c8677d598244d21afb7818e44e1c5d826affected e338d263a76af78fe8f38a72131188b58fceb591 - < 5661f111a1616ac105ec8cec81bff99b60f847acaffected e338d263a76af78fe8f38a72131188b58fceb591 - < fcbd2b336834bd24e1d9454ad5737856470c10d7+3 more versions |
Linux | Linux | affected 2.6.25unaffected 0 - < 2.6.25unaffected 4.9.334 - <= 4.9.*unaffected 4.14.300 - <= 4.14.*unaffected 4.19.267 - <= 4.19.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now