CVE-2022-49199

MEDIUM

Linux Kernel 5.16-5.16.18, 5.17-5.17.1 - Integer Underflow in nldev_stat_set_counter_dynamic_doit()

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit() This code checks "index" for an upper bound but it does not check for negatives. Change the type to unsigned to prevent underflows.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/f6dd8669b8299a3a536cd92a7069152a7704da1d

Patch

https://git.kernel.org/stable/c/2a495ef04d5f42e6f00eb2bec1ee9075e3d5a771

Patch

https://git.kernel.org/stable/c/87e0eacb176f9500c2063d140c0a1d7fa51ab8a5

Scores

CVSS v3 5.5

EPSS 0.0024

EPSS Percentile 15.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-191

Status published

Products (11)

linux/Kernel 5.16.0 - 5.16.19linux

linux/Kernel 5.17.0 - 5.17.2linux

Linux/Linux < 5.16

Linux/Linux 3c3c1f1416392382faa0238e76a70d7810aab2ef - 2a495ef04d5f42e6f00eb2bec1ee9075e3d5a771

Linux/Linux 3c3c1f1416392382faa0238e76a70d7810aab2ef - 87e0eacb176f9500c2063d140c0a1d7fa51ab8a5

Linux/Linux 3c3c1f1416392382faa0238e76a70d7810aab2ef - f6dd8669b8299a3a536cd92a7069152a7704da1d

Linux/Linux 5.16

Linux/Linux 5.16.19 - 5.16.*

Linux/Linux 5.17.2 - 5.17.*

Linux/Linux 5.18

... and 1 more

Published Feb 26, 2025

Tracked Since Feb 18, 2026