Lucene search
K

5 matches found

NVD
NVD
added 2024/07/16 12:15 p.m.19 views

CVE-2022-48830

In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotprcv When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...

4.7CVSS0.00199EPSS
Exploits0References4
OSV
OSV
added 2024/07/16 11:44 a.m.17 views

CVE-2022-48830 can: isotp: fix potential CAN frame reception race in isotp_rcv()

In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotprcv When receiving a CAN frame the current code logic does not consider concurrently receiving processes which do not show up in real world usage. Ziyang Xuan writes: The...

4.7CVSS6AI score0.00199EPSS
Exploits0References7
CVE
CVE
added 2024/07/16 11:44 a.m.76 views

CVE-2022-48830

CVE-2022-48830 affects the Linux kernel CAN stack (isotp). The issue was a race during CAN frame reception where isotp_rcv_ff()/isotp_rcv_cf() could modify so->rx.len concurrently, causing skb_put to panic (skb_over_panic). The fix introduces a spin_lock around isotp_rcv to ensure state/data s...

4.7CVSS6.6AI score0.00199EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/02/27 3:2 a.m.8 views

GSD-2022-1000410 can: isotp: fix potential CAN frame reception race in isotp_rcv()

can: isotp: fix potential CAN frame reception race in isotprcv This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.24 by commit...

7.2AI score
Exploits0
OSV
OSV
added 2022/02/27 2:56 a.m.10 views

GSD-2022-1000359 can: isotp: fix potential CAN frame reception race in isotp_rcv()

can: isotp: fix potential CAN frame reception race in isotprcv This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.101 by commit...

7.2AI score
Exploits0
Rows per page
Query Builder