Lucene search

GoogleOSV:CVE-2022-48932

HistoryAug 22, 2024 - 4:15 a.m.

CVE-2022-48932

2024-08-2204:15:16

Google

osv.dev

linux kernel

vulnerability

resolved

net/mlx5

out-of-band access

patch

allocated buffers

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

Low

JSON

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte

When adding a rule with 32 destinations, we hit the following out-of-band
access issue:

BUG: KASAN: slab-out-of-bounds in mlx5_cmd_dr_create_fte+0x18ee/0x1e70

This patch fixes the issue by both increasing the allocated buffers to
accommodate for the needed actions and by checking the number of actions
to prevent this issue when a rule with too many actions is provided.

References

git.kernel.org/stable/c/0aec12d97b2036af0946e3d582144739860ac07b

git.kernel.org/stable/c/4ad319cdfbe555b4ff67bc608736c46a6930c848

security-tracker.debian.org/tracker/CVE-2022-48932

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.8

Confidence

Low

JSON

Related for OSV:CVE-2022-48932