In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: rndis: prevent integer overflow in rndissetresponse()
If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow.
{ "vanir_signatures": [ { "id": "CVE-2022-48837-0df92d3e", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "74610532842214861125328212539619698848", "219320814454438370276643923899985203310", "235029350871556551678875653730524412287", "220013837063397485624450100683511902294" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@56b38e3ca4064041d93c1ca18828c8cedad2e16c", "target": { "file": "drivers/usb/gadget/function/rndis.c" }, "signature_version": "v1", "signature_type": "Line" }, { "id": "CVE-2022-48837-2a1bb5d1", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "74610532842214861125328212539619698848", "219320814454438370276643923899985203310", "235029350871556551678875653730524412287", "220013837063397485624450100683511902294" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@65f3324f4b6fed78b8761c3b74615ecf0ffa81fa", "target": { "file": "drivers/usb/gadget/function/rndis.c" }, "signature_version": "v1", "signature_type": "Line" }, { "id": "CVE-2022-48837-2d7f6418", "deprecated": false, "digest": { "function_hash": "324509543485242453198264164088682879174", "length": 1113.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@56b38e3ca4064041d93c1ca18828c8cedad2e16c", "target": { "file": "drivers/usb/gadget/function/rndis.c", "function": "rndis_set_response" }, "signature_version": "v1", "signature_type": "Function" }, { "id": "CVE-2022-48837-2efd6c8e", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "74610532842214861125328212539619698848", "219320814454438370276643923899985203310", "235029350871556551678875653730524412287", "220013837063397485624450100683511902294" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b", "target": { "file": "drivers/usb/gadget/function/rndis.c" }, "signature_version": "v1", "signature_type": "Line" }, { "id": "CVE-2022-48837-2f46f2b0", "deprecated": false, "digest": { "function_hash": "324509543485242453198264164088682879174", "length": 1113.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b", "target": { "file": "drivers/usb/gadget/function/rndis.c", "function": "rndis_set_response" }, "signature_version": "v1", "signature_type": "Function" }, { "id": "CVE-2022-48837-3573baea", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "74610532842214861125328212539619698848", "219320814454438370276643923899985203310", "235029350871556551678875653730524412287", "220013837063397485624450100683511902294" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@138d4f739b35dfb40438a0d5d7054965763bfbe7", "target": { "file": "drivers/usb/gadget/function/rndis.c" }, "signature_version": "v1", "signature_type": "Line" }, { "id": "CVE-2022-48837-5a1139d9", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "74610532842214861125328212539619698848", "219320814454438370276643923899985203310", "235029350871556551678875653730524412287", "220013837063397485624450100683511902294" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@df7e088d51cdf78b1a0bf1f3d405c2593295c7b0", "target": { "file": "drivers/usb/gadget/function/rndis.c" }, "signature_version": "v1", "signature_type": "Line" }, { "id": "CVE-2022-48837-62bc66ab", "deprecated": false, "digest": { "function_hash": "324509543485242453198264164088682879174", "length": 1113.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@138d4f739b35dfb40438a0d5d7054965763bfbe7", "target": { "file": "drivers/usb/gadget/function/rndis.c", "function": "rndis_set_response" }, "signature_version": "v1", "signature_type": "Function" }, { "id": "CVE-2022-48837-a6fec7eb", "deprecated": false, "digest": { "function_hash": "324509543485242453198264164088682879174", "length": 1113.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@28bc0267399f42f987916a7174e2e32f0833cc65", "target": { "file": "drivers/usb/gadget/function/rndis.c", "function": "rndis_set_response" }, "signature_version": "v1", "signature_type": "Function" }, { "id": "CVE-2022-48837-ac81fd2e", "deprecated": false, "digest": { "function_hash": "324509543485242453198264164088682879174", "length": 1113.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@21829376268397f9fd2c35cfa9135937b6aa3a1e", "target": { "file": "drivers/usb/gadget/function/rndis.c", "function": "rndis_set_response" }, "signature_version": "v1", "signature_type": "Function" }, { "id": "CVE-2022-48837-b1cd93e2", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "74610532842214861125328212539619698848", "219320814454438370276643923899985203310", "235029350871556551678875653730524412287", "220013837063397485624450100683511902294" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@21829376268397f9fd2c35cfa9135937b6aa3a1e", "target": { "file": "drivers/usb/gadget/function/rndis.c" }, "signature_version": "v1", "signature_type": "Line" }, { "id": "CVE-2022-48837-c4f82e04", "deprecated": false, "digest": { "function_hash": "324509543485242453198264164088682879174", "length": 1113.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@df7e088d51cdf78b1a0bf1f3d405c2593295c7b0", "target": { "file": "drivers/usb/gadget/function/rndis.c", "function": "rndis_set_response" }, "signature_version": "v1", "signature_type": "Function" }, { "id": "CVE-2022-48837-d8094e3e", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "74610532842214861125328212539619698848", "219320814454438370276643923899985203310", "235029350871556551678875653730524412287", "220013837063397485624450100683511902294" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@28bc0267399f42f987916a7174e2e32f0833cc65", "target": { "file": "drivers/usb/gadget/function/rndis.c" }, "signature_version": "v1", "signature_type": "Line" }, { "id": "CVE-2022-48837-e4373ef4", "deprecated": false, "digest": { "function_hash": "324509543485242453198264164088682879174", "length": 1113.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@65f3324f4b6fed78b8761c3b74615ecf0ffa81fa", "target": { "file": "drivers/usb/gadget/function/rndis.c", "function": "rndis_set_response" }, "signature_version": "v1", "signature_type": "Function" }, { "id": "CVE-2022-48837-ef81db5f", "deprecated": false, "digest": { "function_hash": "324509543485242453198264164088682879174", "length": 1113.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c7953cf03a26876d676145ce5d2ae6d8c9630b90", "target": { "file": "drivers/usb/gadget/function/rndis.c", "function": "rndis_set_response" }, "signature_version": "v1", "signature_type": "Function" }, { "id": "CVE-2022-48837-f486ec81", "deprecated": false, "digest": { "threshold": 0.9, "line_hashes": [ "74610532842214861125328212539619698848", "219320814454438370276643923899985203310", "235029350871556551678875653730524412287", "220013837063397485624450100683511902294" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c7953cf03a26876d676145ce5d2ae6d8c9630b90", "target": { "file": "drivers/usb/gadget/function/rndis.c" }, "signature_version": "v1", "signature_type": "Line" } ] }