{"id":"CVE-2022-2964","details":"A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.","modified":"2026-03-13T05:46:21.060574Z","published":"2022-09-09T15:15:10.227Z","related":["ALSA-2023:0101","ALSA-2023:0114","ALSA-2023:0300","ALSA-2023:0334","SUSE-SU-2022:3897-1","SUSE-SU-2022:3929-1","SUSE-SU-2022:3930-1","SUSE-SU-2022:3998-1","SUSE-SU-2022:4053-1","SUSE-SU-2022:4072-1","SUSE-SU-2022:4272-1","SUSE-SU-2022:4273-1","SUSE-SU-2022:4520-1","SUSE-SU-2022:4528-1","SUSE-SU-2022:4550-1","SUSE-SU-2022:4561-1","SUSE-SU-2022:4562-1","SUSE-SU-2022:4573-1","SUSE-SU-2022:4574-1","SUSE-SU-2022:4587-1","SUSE-SU-2022:4589-1","SUSE-SU-2022:4595-1","SUSE-SU-2022:4611-1","SUSE-SU-2022:4614-1","SUSE-SU-2022:4615-1","SUSE-SU-2022:4617-1","SUSE-SU-2024:2901-1","SUSE-SU-2024:2929-1","SUSE-SU-2024:2940-1","SUSE-SU-2024:3249-1","SUSE-SU-2024:3499-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20230113-0001/"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2067482"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2964.json","unresolved_ranges":[{"events":[{"introduced":"4.20"},{"fixed":"5.4.180"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.101"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.24"}]},{"events":[{"introduced":"5.16"},{"fixed":"5.16.10"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}