CVE-2022-48934

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-48934
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48934.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-48934
Downstream
Related
Published
2024-08-22T03:31:28.388Z
Modified
2026-04-11T12:43:18.082015Z
Summary
nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
Details

In the Linux kernel, the following vulnerability has been resolved:

nfp: flower: Fix a potential leak in nfptunneladdsharedmac()

idasimpleget() returns an id between min (0) and max (NFPMAXMACINDEX) inclusive. So NFPMAXMACINDEX (0xff) is a valid id.

In order for the error handling path to work correctly, the 'invalid' value for 'idaidx' should not be in the 0..NFPMAXMACINDEX range, inclusive.

So set it to -1.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48934.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
20cce88650981ec504d328dbbdd004d991eb8535
Fixed
5ad5886f85b6bd893e3ed19013765fb0c243c069
Fixed
af4bc921d39dffdb83076e0a7eed1321242b7d87
Fixed
9d8097caa73200710d52b9f4d9f430548f46a900
Fixed
4086d2433576baf85f0e538511df97c8101e0a10
Fixed
3a14d0888eb4b0045884126acc69abfb7b87814d

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48934.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.1.0
Fixed
5.4.182
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.103
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.26
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.16.12

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48934.json"