CVE-2022-48938

A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overflow, defeating the sanity check. Both offset and offset + len need to be checked in such a manner that no overflow can occur. And those quantities should be unsigned.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48938.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4ca8b8855264cf1439cdab3da7049bd1e3c2a9e6

Fixed

a612395c7631918e0e10ea48b9ce5ab4340f26a6

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

a270ca35a9499b58366d696d3290eaa4697a42db

Fixed

9957fbf34f52a4d8945d1bf39aae400ef9a11246

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0fa81b304a7973a499f844176ca031109487dd31

Fixed

69560efa001397ebb8dc1c3e6a3ce00302bb9f7f

Fixed

49909c9f8458cacb5b241106cba65aba5a6d8f4c

Fixed

7b737e47b87589031f0d4657f6d7b0b770474925

Fixed

8d2b1a1ec9f559d30b724877da4ce592edc41fdc

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

8cf7db86a8984ffa3a3388a8df12bc0aa4c79bd7

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48938.json"