References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Known Affected Software Configurations Switch to CPE 2.2

Change History

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-191

OR
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (excluding) 5.15.58
          *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 from (excluding) 5.18.15

kernel.org: https://git.kernel.org/stable/c/2acbb8771f6ac82422886e63832ee7a0f4b1635b Types: Patch

kernel.org: https://git.kernel.org/stable/c/76c9216833e7c20a67c987cf89719a3f01666aaa Types: Patch

kernel.org: https://git.kernel.org/stable/c/e7f979ed51f96495328157df663c835b17db1e30 Types: Patch

In the Linux kernel, the following vulnerability has been resolved:

crypto: qat - add param check for DH

Reject requests with a source buffer that is bigger than the size of the
key. This is to prevent a possible integer underflow that might happen
when copying the source scatterlist into a linear buffer.

https://git.kernel.org/stable/c/2acbb8771f6ac82422886e63832ee7a0f4b1635b

https://git.kernel.org/stable/c/76c9216833e7c20a67c987cf89719a3f01666aaa

https://git.kernel.org/stable/c/e7f979ed51f96495328157df663c835b17db1e30