5 matches found
CVE-2022-48830
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotp_rcv() When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...
CVE-2022-48830
CVE-2022-48830 affects the Linux kernel CAN stack (isotp). The issue was a race during CAN frame reception where isotp_rcv_ff()/isotp_rcv_cf() could modify so->rx.len concurrently, causing skb_put to panic (skb_over_panic). The fix introduces a spin_lock around isotp_rcv to ensure state/data s...
CVE-2022-48830 can: isotp: fix potential CAN frame reception race in isotp_rcv()
In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotp_rcv() When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...
GSD-2022-1000410 can: isotp: fix potential CAN frame reception race in isotp_rcv()
can: isotp: fix potential CAN frame reception race in isotp_rcv() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.24 by commit...
GSD-2022-1000359 can: isotp: fix potential CAN frame reception race in isotp_rcv()
can: isotp: fix potential CAN frame reception race in isotp_rcv() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.101 by commit...