Lucene search

K
vulnrichmentLinuxVULNRICHMENT:CVE-2022-48632
HistoryApr 28, 2024 - 12:59 p.m.

CVE-2022-48632 i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()

2024-04-2812:59:10
Linux
github.com
4
linux kernel
vulnerability resolved
memcpy called

AI Score

7.2

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

In the Linux kernel, the following vulnerability has been resolved:

i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()

memcpy() is called in a loop while ‘operation->length’ upper bound
is not checked and ‘data_idx’ also increments.

AI Score

7.2

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial