CVE-2022-48743
MEDIUMLinux Kernel - Out-of-bounds Write in AMD XGBE Network Driver
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUG_ON() triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length underflows are seen because of inconsistencies in the hardware descriptors.
References (8)
Core 8
Core References
Mailing List, Patch
https://git.kernel.org/stable/c/9924c80bd484340191e586110ca22bff23a49f2e
Mailing List, Patch
https://git.kernel.org/stable/c/617f9934bb37993b9813832516f318ba874bcb7d
Mailing List, Patch
https://git.kernel.org/stable/c/34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26
Mailing List, Patch
https://git.kernel.org/stable/c/9892742f035f7aa7dcd2bb0750effa486db89576
Mailing List, Patch
https://git.kernel.org/stable/c/4d3fcfe8464838b3920bc2b939d888e0b792934e
Mailing List, Patch
https://git.kernel.org/stable/c/db6fd92316a254be2097556f01bccecf560e53ce
Mailing List, Patch
https://git.kernel.org/stable/c/e8f73f620fee5f52653ed2da360121e4446575c5
Mailing List, Patch
https://git.kernel.org/stable/c/5aac9108a180fc06e28d4e7fb00247ce603b72ee
Scores
CVSS v3
5.5
EPSS
0.0025
EPSS Percentile
16.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-787
Status
published
Products (31)
linux/Kernel
< 4.9.300linux
linux/Kernel
4.10.0 - 4.14.265linux
linux/Kernel
4.11.0 - 4.19.228linux
linux/Kernel
4.15.0 - 5.4.177linux
linux/Kernel
4.20.0 - 5.10.97linux
linux/Kernel
5.11.0 - 5.16.6linux
linux/Kernel
5.5.0 - 5.15.20linux
Linux/Linux
< 4.11
Linux/Linux
4.10.7 - 4.11
Linux/Linux
4.11
... and 21 more
Published
Jun 20, 2024
Tracked Since
Feb 18, 2026