1. Home
  2. Vulnerabilities
  3. CVE-2022-48743

CVE-2022-48743

CVSS v3.1 5.5 (Medium)
55% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 1
Advisories 16
NVD Status Analyzed
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

In the Linux kernel, the following vulnerability has been resolved:

net: amd-xgbe: Fix skb data length underflow

There will be BUG_ON() triggered in include/linux/skbuff.h leading to
intermittent kernel panic, when the skb length underflow is detected.

Fix this by dropping the packet if such length underflows are seen
because of inconsistencies in the hardware descriptors.

Weaknesses
CWE-787
Out-of-bounds Write
CVE Status
PUBLISHED
NVD Status
Analyzed
CNA
kernel.org
Published Date
2024-06-20 12:15:12
(2 months ago)
Updated Date
2024-08-20 13:54:00
(3 weeks ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 4.9.19 version and prior 4.9.300 version cpe:2.3:o:linux:linux_kernel >= 4.9.19 < 4.9.300
  Linux Kernel from 4.11 version and prior 4.14.265 version cpe:2.3:o:linux:linux_kernel >= 4.11 < 4.14.265
  Linux Kernel from 4.15 version and prior 4.19.228 version cpe:2.3:o:linux:linux_kernel >= 4.15 < 4.19.228
  Linux Kernel from 4.20 version and prior 5.4.177 version cpe:2.3:o:linux:linux_kernel >= 4.20 < 5.4.177
  Linux Kernel from 5.5 version and prior 5.10.97 version cpe:2.3:o:linux:linux_kernel >= 5.5 < 5.10.97
  Linux Kernel from 5.11 version and prior 5.15.20 version cpe:2.3:o:linux:linux_kernel >= 5.11 < 5.15.20
  Linux Kernel from 5.16 version and prior 5.16.6 version cpe:2.3:o:linux:linux_kernel >= 5.16 < 5.16.6