CVE-2022-48837

Published Jul 16, 2024

Last updated 4 months ago

CVSS high 7.8

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndis_set_response() If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow.
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-190

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15919079-3B27-4F33-BA41-333B27A0BCDF",
            "versionEndExcluding": "4.9.308",
            "versionStartIncluding": "4.9.302"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F12D099A-0433-4DE3-9619-2C3B71511B70",
            "versionEndExcluding": "4.14.273",
            "versionStartIncluding": "4.14.267"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAE5A4D1-F7B4-4317-9384-529AC3901A9B",
            "versionEndExcluding": "4.19.236",
            "versionStartIncluding": "4.19.230"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9A95FD4-5704-4389-B930-B225A1C32409",
            "versionEndExcluding": "5.4.187",
            "versionStartIncluding": "5.4.180"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF746551-C12A-48C6-B720-35303ED2CF2E",
            "versionEndExcluding": "5.10.108",
            "versionStartIncluding": "5.10.101"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCF98BF7-A5EB-43FD-84E6-1DD301C8B36D",
            "versionEndExcluding": "5.15.31",
            "versionStartIncluding": "5.15.24"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0F418D1B-4357-470F-90CA-FB918F85E71D",
            "versionEndExcluding": "5.16.17",
            "versionStartIncluding": "5.16.10"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References