CVE-2022-48999
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-48999
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48999.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-48999
- Downstream
- Related
- Published
- 2024-10-21T20:15:11Z
- Modified
- 2025-08-09T20:01:27Z
- Severity
-
- 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
Gwangun Jung reported a slab-out-of-bounds access in fibnhmatch: fibnhmatch+0xf98/0x1130 linux-6.0-rc7/net/ipv4/fibsemantics.c:961 fibtabledelete+0x5f3/0xa40 linux-6.0-rc7/net/ipv4/fibtrie.c:1753 inetrtmdelroute+0x2b3/0x380 linux-6.0-rc7/net/ipv4/fib_frontend.c:874
Separate nexthop objects are mutually exclusive with the legacy multipath spec. Fix fibnhmatch to return if the config for the to be deleted route contains a multipath spec while the fib_info is using a nexthop object.
- References
-
- https://git.kernel.org/stable/c/0b5394229ebae09afc07aabccb5ffd705ffd250e
- https://git.kernel.org/stable/c/25174d91e4a32a24204060d283bd5fa6d0ddf133
- https://git.kernel.org/stable/c/61b91eb33a69c3be11b259c5ea484505cd79f883
- https://git.kernel.org/stable/c/bb20a2ae241be846bc3c11ea4b3a3c69e41d51f2
- https://git.kernel.org/stable/c/cc3cd130ecfb8b0ae52e235e487bae3f16a24a32