CVE-2022-48632 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() memcpy() is called in a loop while 'operation->length' upper bound is not checked and 'data_idx' also increments.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Redhat	Enterprise Linux

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10	cpe:/a:redhat:enterprise_linux:8::nfv	RHSA-2024:5102	2024-08-08T00:00:00Z
kernel-0:4.18.0-553.16.1.el8_10	cpe:/o:redhat:enterprise_linux:8	RHSA-2024:5101	2024-08-08T00:00:00Z

References

Link	Providers
https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8
https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e
https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2
https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b
https://lore.kernel.org/linux-cve-announce/2024042854-CVE-2022-48632-465f@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-48632
https://www.cve.org/CVERecord?id=CVE-2022-48632

History

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 08 Aug 2024 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:8::nfv cpe:/o:redhat:enterprise_linux:8
Vendors & Products		Redhat Redhat enterprise Linux

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-28T12:59:10.481Z

Updated: 2024-09-11T17:33:12.457Z

Reserved: 2024-02-25T13:44:28.315Z

Link: CVE-2022-48632

Vulnrichment

Updated: 2024-09-11T12:42:15.343Z

NVD

Status : Awaiting Analysis

Published: 2024-04-28T13:15:06.517

Modified: 2024-04-29T12:42:03.667

Link: CVE-2022-48632

Redhat

Severity : Low

Publid Date: 2024-04-28T00:00:00Z

Links: CVE-2022-48632 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48632", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:44:28.315Z", "datePublished": "2024-04-28T12:59:10.481Z", "dateUpdated": "2024-09-11T17:33:12.457Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:10:31.832Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()\n\nmemcpy() is called in a loop while 'operation->length' upper bound\nis not checked and 'data_idx' also increments."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-mlxbf.c"], "versions": [{"version": "b5b5b32081cd", "lessThan": "48ee0a864d1a", "status": "affected", "versionType": "git"}, {"version": "b5b5b32081cd", "lessThan": "dc2a0c587006", "status": "affected", "versionType": "git"}, {"version": "b5b5b32081cd", "lessThan": "3b5ab5fbe69e", "status": "affected", "versionType": "git"}, {"version": "b5b5b32081cd", "lessThan": "de24aceb07d4", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-mlxbf.c"], "versions": [{"version": "5.10", "status": "affected"}, {"version": "0", "lessThan": "5.10", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.146", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.71", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.19.12", "lessThanOrEqual": "5.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e"}, {"url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2"}, {"url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8"}, {"url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b"}], "title": "i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.519Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48632", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:46:27.328258Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:12.457Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48632", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:44:28.315Z", "datePublished": "2024-04-28T12:59:10.481Z", "dateUpdated": "2024-08-03T15:17:55.519Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:10:31.832Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()\n\nmemcpy() is called in a loop while 'operation->length' upper bound\nis not checked and 'data_idx' also increments."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-mlxbf.c"], "versions": [{"version": "b5b5b32081cd", "lessThan": "48ee0a864d1a", "status": "affected", "versionType": "git"}, {"version": "b5b5b32081cd", "lessThan": "dc2a0c587006", "status": "affected", "versionType": "git"}, {"version": "b5b5b32081cd", "lessThan": "3b5ab5fbe69e", "status": "affected", "versionType": "git"}, {"version": "b5b5b32081cd", "lessThan": "de24aceb07d4", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-mlxbf.c"], "versions": [{"version": "5.10", "status": "affected"}, {"version": "0", "lessThan": "5.10", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.146", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.71", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.19.12", "lessThanOrEqual": "5.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e"}, {"url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2"}, {"url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8"}, {"url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b"}], "title": "i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48632", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:46:27.328258Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2024-09-11T12:42:15.343Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"affected_release": [{"advisory": "RHSA-2024:5102", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5101", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.16.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}], "bugzilla": {"description": "kernel: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()", "id": "2277840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277840"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-122", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ni2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()\nmemcpy() is called in a loop while 'operation->length' upper bound\nis not checked and 'data_idx' also increments.", "A flaw was found in the Linux kernel. The following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()."], "name": "CVE-2022-48632", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48632\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48632\nhttps://lore.kernel.org/linux-cve-announce/2024042854-CVE-2022-48632-465f@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 5.10.146, kernel 5.15.71, kernel 5.19.12, kernel 6.0"}