CVE-2022-2639

CVSS v3.1 7.8 (High)
EPSS 0.04 % (5th)
Affected Products 2
Advisories 28

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Weaknesses
CWE-192
Integer Coercion Error
CWE-681
Incorrect Conversion between Numeric Types
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2022-09-01 21:15:09
(2 years ago)
Updated Date
2024-02-02 02:36:25
(7 months ago)

Affected Products


Configuration #1

    Product        CPE23                          From          Up To
    Linux Kernel   cpe:2.3:o:linux:linux_kernel   >= 3.18.139   < 3.19
    Linux Kernel   cpe:2.3:o:linux:linux_kernel   >= 4.4.179    < 4.5
    Linux Kernel   cpe:2.3:o:linux:linux_kernel   >= 4.9.169    < 4.9.312
    Linux Kernel   cpe:2.3:o:linux:linux_kernel   >= 4.14.112   < 4.14.277
    Linux Kernel   cpe:2.3:o:linux:linux_kernel   >= 4.19.35    < 4.19.240
    Linux Kernel   cpe:2.3:o:linux:linux_kernel   >= 5.0.8      < 5.4.191
    Linux Kernel   cpe:2.3:o:linux:linux_kernel   >= 5.5        < 5.10.113
    Linux Kernel   cpe:2.3:o:linux:linux_kernel   >= 5.11       < 5.15.36
    Linux Kernel   cpe:2.3:o:linux:linux_kernel   >= 5.16       < 5.17.5

Configuration #2

    Product                        CPE23
    Red Hat Enterprise Linux 8.0   cpe:2.3:o:redhat:enterprise_linux:8.0
    Red Hat Enterprise Linux 9.0   cpe:2.3:o:redhat:enterprise_linux:9.0