CVE-2022-49234

HIGH

Linux Kernel 5.2-5.17.2 - Out-of-bounds Read in DSA VLAN Filtering

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Avoid cross-chip syncing of VLAN filtering Changes to VLAN filtering are not applicable to cross-chip notifications. On a system like this: .-----. .-----. .-----. | sw1 +---+ sw2 +---+ sw3 | '-1-2-' '-1-2-' '-1-2-' Before this change, upon sw1p1 leaving a bridge, a call to dsa_port_vlan_filtering would also be made to sw2p1 and sw3p1. In this scenario: .---------. .-----. .-----. | sw1 +---+ sw2 +---+ sw3 | '-1-2-3-4-' '-1-2-' '-1-2-' When sw1p4 would leave a bridge, dsa_port_vlan_filtering would be called for sw2 and sw3 with a non-existing port - leading to array out-of-bounds accesses and crashes on mv88e6xxx.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/e1f2a4dd8d433eec393d09273a78a3d3551339cf

Patch

https://git.kernel.org/stable/c/108dc8741c203e9d6ce4e973367f1bac20c7192b

Scores

CVSS v3 7.1

EPSS 0.0022

EPSS Percentile 12.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE

CWE-125

Status published

Products (8)

linux/Kernel 5.2.0 - 5.17.2linux

Linux/Linux < 5.2

Linux/Linux 5.17.2 - 5.17.*

Linux/Linux 5.18

Linux/Linux 5.2

Linux/Linux d371b7c92d190448f3ccbf082c90bf929285f648 - 108dc8741c203e9d6ce4e973367f1bac20c7192b

Linux/Linux d371b7c92d190448f3ccbf082c90bf929285f648 - e1f2a4dd8d433eec393d09273a78a3d3551339cf

linux/linux_kernel 5.2 - 5.17.2

Published Feb 26, 2025

Tracked Since Feb 18, 2026