Vulnerability Details CVE-2022-48837
In the Linux kernel, the following vulnerability has been resolved:
usb: gadget: rndis: prevent integer overflow in rndis_set_response()
If "BufOffset" is very large the "BufOffset + 8" operation can have an
integer overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.3%
CVSS Severity
CVSS v3 Score 7.8
References
- https://git.kernel.org/stable/c/138d4f739b35dfb40438a0d5d7054965763bfbe7
- https://git.kernel.org/stable/c/21829376268397f9fd2c35cfa9135937b6aa3a1e
- https://git.kernel.org/stable/c/28bc0267399f42f987916a7174e2e32f0833cc65
- https://git.kernel.org/stable/c/56b38e3ca4064041d93c1ca18828c8cedad2e16c
- https://git.kernel.org/stable/c/65f3324f4b6fed78b8761c3b74615ecf0ffa81fa
- https://git.kernel.org/stable/c/8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b
- https://git.kernel.org/stable/c/c7953cf03a26876d676145ce5d2ae6d8c9630b90
- https://git.kernel.org/stable/c/df7e088d51cdf78b1a0bf1f3d405c2593295c7b0
- https://git.kernel.org/stable/c/138d4f739b35dfb40438a0d5d7054965763bfbe7
- https://git.kernel.org/stable/c/21829376268397f9fd2c35cfa9135937b6aa3a1e
- https://git.kernel.org/stable/c/28bc0267399f42f987916a7174e2e32f0833cc65
- https://git.kernel.org/stable/c/56b38e3ca4064041d93c1ca18828c8cedad2e16c
- https://git.kernel.org/stable/c/65f3324f4b6fed78b8761c3b74615ecf0ffa81fa
- https://git.kernel.org/stable/c/8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b
- https://git.kernel.org/stable/c/c7953cf03a26876d676145ce5d2ae6d8c9630b90
- https://git.kernel.org/stable/c/df7e088d51cdf78b1a0bf1f3d405c2593295c7b0
Products affected by CVE-2022-48837
-
cpe:2.3:o:linux:linux_kernel:4.14.267
-
cpe:2.3:o:linux:linux_kernel:4.14.268
-
cpe:2.3:o:linux:linux_kernel:4.14.269
-
cpe:2.3:o:linux:linux_kernel:4.14.270
-
cpe:2.3:o:linux:linux_kernel:4.14.271
-
cpe:2.3:o:linux:linux_kernel:4.14.272
-
cpe:2.3:o:linux:linux_kernel:4.19.230
-
cpe:2.3:o:linux:linux_kernel:4.19.231
-
cpe:2.3:o:linux:linux_kernel:4.19.232
-
cpe:2.3:o:linux:linux_kernel:4.19.233
-
cpe:2.3:o:linux:linux_kernel:4.19.234
-
cpe:2.3:o:linux:linux_kernel:4.19.235
-
cpe:2.3:o:linux:linux_kernel:4.9.302
-
cpe:2.3:o:linux:linux_kernel:4.9.303
-
cpe:2.3:o:linux:linux_kernel:4.9.304
-
cpe:2.3:o:linux:linux_kernel:4.9.305
-
cpe:2.3:o:linux:linux_kernel:4.9.306
-
cpe:2.3:o:linux:linux_kernel:4.9.307
-
cpe:2.3:o:linux:linux_kernel:5.10.101
-
cpe:2.3:o:linux:linux_kernel:5.10.102
-
cpe:2.3:o:linux:linux_kernel:5.10.103
-
cpe:2.3:o:linux:linux_kernel:5.10.104
-
cpe:2.3:o:linux:linux_kernel:5.10.105
-
cpe:2.3:o:linux:linux_kernel:5.10.106
-
cpe:2.3:o:linux:linux_kernel:5.10.107
-
cpe:2.3:o:linux:linux_kernel:5.15.24
-
cpe:2.3:o:linux:linux_kernel:5.15.25
-
cpe:2.3:o:linux:linux_kernel:5.15.26
-
cpe:2.3:o:linux:linux_kernel:5.15.27
-
cpe:2.3:o:linux:linux_kernel:5.15.28
-
cpe:2.3:o:linux:linux_kernel:5.15.29
-
cpe:2.3:o:linux:linux_kernel:5.15.30
-
cpe:2.3:o:linux:linux_kernel:5.16.10
-
cpe:2.3:o:linux:linux_kernel:5.16.11
-
cpe:2.3:o:linux:linux_kernel:5.16.12
-
cpe:2.3:o:linux:linux_kernel:5.16.13
-
cpe:2.3:o:linux:linux_kernel:5.16.14
-
cpe:2.3:o:linux:linux_kernel:5.16.15
-
cpe:2.3:o:linux:linux_kernel:5.16.16
-
cpe:2.3:o:linux:linux_kernel:5.4.180
-
cpe:2.3:o:linux:linux_kernel:5.4.181
-
cpe:2.3:o:linux:linux_kernel:5.4.182
-
cpe:2.3:o:linux:linux_kernel:5.4.183
-
cpe:2.3:o:linux:linux_kernel:5.4.184
-
cpe:2.3:o:linux:linux_kernel:5.4.185
-
cpe:2.3:o:linux:linux_kernel:5.4.186