U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2022-48743 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUG_ON() triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length underflows are seen because of inconsistencies in the hardware descriptors.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26 Mailing List  Patch 
https://git.kernel.org/stable/c/4d3fcfe8464838b3920bc2b939d888e0b792934e Mailing List  Patch 
https://git.kernel.org/stable/c/5aac9108a180fc06e28d4e7fb00247ce603b72ee Mailing List  Patch 
https://git.kernel.org/stable/c/617f9934bb37993b9813832516f318ba874bcb7d Mailing List  Patch 
https://git.kernel.org/stable/c/9892742f035f7aa7dcd2bb0750effa486db89576 Mailing List  Patch 
https://git.kernel.org/stable/c/9924c80bd484340191e586110ca22bff23a49f2e Mailing List  Patch 
https://git.kernel.org/stable/c/db6fd92316a254be2097556f01bccecf560e53ce Mailing List  Patch 
https://git.kernel.org/stable/c/e8f73f620fee5f52653ed2da360121e4446575c5 Mailing List  Patch 

Weakness Enumeration

CWE-ID CWE Name Source
CWE-787 Out-of-bounds Write cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

3 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2022-48743
NVD Published Date:
06/20/2024
NVD Last Modified:
10/30/2024
Source:
kernel.org