CVE-2022-48837

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-48837

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48837.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-48837

Downstream

DEBIAN-CVE-2022-48837

SUSE-SU-2024:2894-1

SUSE-SU-2024:2902-1

SUSE-SU-2024:2929-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2947-1

SUSE-SU-2024:3225-1

SUSE-SU-2024:3249-1

UBUNTU-CVE-2022-48837

Related

Published

2024-07-16T12:25:09Z

Modified

2025-10-15T18:25:56.714573Z

Summary

usb: gadget: rndis: prevent integer overflow in rndis_set_response()

Details

In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: rndis: prevent integer overflow in rndissetresponse()

If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

ff0a90739925734c91c7e39befe3f4378e0c1369

Fixed

8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4c22fbcef778badb00fb8bb9f409daa29811c175

Fixed

c7953cf03a26876d676145ce5d2ae6d8c9630b90

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

db9aaa3026298d652e98f777bc0f5756e2455dda

Fixed

138d4f739b35dfb40438a0d5d7054965763bfbe7

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c9e952871ae47af784b4aef0a77db02e557074d6

Fixed

21829376268397f9fd2c35cfa9135937b6aa3a1e

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

fb4ff0f96de37c44236598e8b53fe43b1df36bf3

Fixed

28bc0267399f42f987916a7174e2e32f0833cc65

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

2da3b0ab54fb7f4d7c5a82757246d0ee33a47197

Fixed

56b38e3ca4064041d93c1ca18828c8cedad2e16c

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

2724ebafda0a8df08a9cb91557d33226bee80f7b

Fixed

df7e088d51cdf78b1a0bf1f3d405c2593295c7b0

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

38ea1eac7d88072bbffb630e2b3db83ca649b826

Fixed

65f3324f4b6fed78b8761c3b74615ecf0ffa81fa

Affected versions

v4.*

v4.14.267

v4.14.268

v4.14.269

v4.14.270

v4.14.271

v4.14.272

v4.19.230

v4.19.231

v4.19.232

v4.19.233

v4.19.234

v4.19.235

v4.9.302

v4.9.303

v4.9.304

v4.9.305

v4.9.306

v4.9.307

v5.*

v5.10.101

v5.10.102

v5.10.103

v5.10.104

v5.10.105

v5.10.106

v5.10.107

v5.15.24

v5.15.25

v5.15.26

v5.15.27

v5.15.28

v5.15.29

v5.15.30

v5.16.10

v5.16.11

v5.16.12

v5.16.13

v5.16.14

v5.16.15

v5.16.16

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.4.180

v5.4.181

v5.4.182

v5.4.183

v5.4.184

v5.4.185

v5.4.186

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.9.302

Fixed

4.9.308

Type: ECOSYSTEM
Events: Introduced

4.14.267

Fixed

4.14.273

Type: ECOSYSTEM
Events: Introduced

4.19.230

Fixed

4.19.236

Type: ECOSYSTEM
Events: Introduced

5.4.180

Fixed

5.4.187

Type: ECOSYSTEM
Events: Introduced

5.10.101

Fixed

5.10.108

Type: ECOSYSTEM
Events: Introduced

5.15.24

Fixed

5.15.31

Type: ECOSYSTEM
Events: Introduced

5.16.10

Fixed

5.16.17