CVE-2022-48743

MEDIUM

Linux Kernel - Out-of-bounds Write in AMD XGBE Network Driver

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUG_ON() triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length underflows are seen because of inconsistencies in the hardware descriptors.

Scores

CVSS v3 5.5
EPSS 0.0025
EPSS Percentile 16.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-787
Status published
Products (31)
linux/Kernel < 4.9.300linux
linux/Kernel 4.10.0 - 4.14.265linux
linux/Kernel 4.11.0 - 4.19.228linux
linux/Kernel 4.15.0 - 5.4.177linux
linux/Kernel 4.20.0 - 5.10.97linux
linux/Kernel 5.11.0 - 5.16.6linux
linux/Kernel 5.5.0 - 5.15.20linux
Linux/Linux < 4.11
Linux/Linux 4.10.7 - 4.11
Linux/Linux 4.11
... and 21 more
Published Jun 20, 2024
Tracked Since Feb 18, 2026