CVE-2022-49907

In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds ...

CVE-2022-49907

CVE-2022-49907 is a Linux kernel issue in net: mdio related to undefined behavior from shifting a signed 32-bit value by 31 bits in __mdiobus_register. The root cause is an out-of-bounds bit shift in mdiobus initialization; the code was changed to use an unsigned type to avoid UB. A UBSAN warning...

PT-2025-18624 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns undefined behavior in the bit shift operation for mdiobus register in the Linux kernel's MDIO driver. Specifically, shifting a signed 32-bit value by 31 bits is...

PT-2023-33865 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue concerns undefined behavior in a bit shift operation related to TTM TT FLAG PRIV POPULATED. The actual impact and potential for attack have not been proven. Recommendations: For...