Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-48743— net: amd-xgbe: Fix skb data length underflow

EPSS 0.01% · P1
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-48743

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
net: amd-xgbe: Fix skb data length underflow
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUG_ON() triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length underflows are seen because of inconsistencies in the hardware descriptors.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于 net:amd-xgbe 模块 skb 存在溢出问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux fafc9555d87a19c78bcd43ed731c3a73bf0b37a9 ~ 9924c80bd484340191e586110ca22bff23a49f2e -
LinuxLinux 4.11 -

II. Public POCs for CVE-2022-48743

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-48743

登录查看更多情报信息。

Same Patch Batch · Linux · 2024-06-20 · 67 CVEs total

CVE-2022-48751net/smc: Transitional solution for clcsock race issue
CVE-2022-48770bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
CVE-2022-48768tracing/histogram: Fix a potential memory leak for kstrdup()
CVE-2022-48769efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
CVE-2022-48757net: fix information leakage in /proc/net/ptype
CVE-2022-48756drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
CVE-2022-48755powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06
CVE-2022-48754phylib: fix potential use-after-free
CVE-2022-48753block: fix memory leak in disk_register_independent_access_ranges
CVE-2022-48752powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending
CVE-2022-48758scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()
CVE-2022-48750hwmon: (nct6775) Fix crash in clear_caseopen
CVE-2022-48748net: bridge: vlan: fix memory leak in __allowed_ingress
CVE-2022-48749drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
CVE-2022-48747block: Fix wrong offset in bio_truncate()
CVE-2022-48745net/mlx5: Use del_timer_sync in fw reset flow of halting poll
CVE-2022-48746net/mlx5e: Fix handling of wrong devices during bond netevent
CVE-2022-48744net/mlx5e: Avoid field-overflowing memcpy()
CVE-2022-48742rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
CVE-2022-48741ovl: fix NULL pointer dereference in copy up warning

Showing top 20 of 67 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2022-48743

No comments yet

Leave a comment