{"id":"CVE-2022-48837","summary":"usb: gadget: rndis: prevent integer overflow in rndis_set_response()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: rndis: prevent integer overflow in rndis_set_response()\n\nIf \"BufOffset\" is very large the \"BufOffset + 8\" operation can have an\ninteger overflow.","modified":"2026-05-28T03:53:21.121814325Z","published":"2024-07-16T12:25:09.212Z","related":["SUSE-SU-2024:2894-1","SUSE-SU-2024:2902-1","SUSE-SU-2024:2929-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2947-1","SUSE-SU-2024:3225-1","SUSE-SU-2024:3249-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48837.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/138d4f739b35dfb40438a0d5d7054965763bfbe7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/21829376268397f9fd2c35cfa9135937b6aa3a1e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/28bc0267399f42f987916a7174e2e32f0833cc65"},{"type":"WEB","url":"https://git.kernel.org/stable/c/56b38e3ca4064041d93c1ca18828c8cedad2e16c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/65f3324f4b6fed78b8761c3b74615ecf0ffa81fa"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c7953cf03a26876d676145ce5d2ae6d8c9630b90"},{"type":"WEB","url":"https://git.kernel.org/stable/c/df7e088d51cdf78b1a0bf1f3d405c2593295c7b0"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48837.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48837"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ff0a90739925734c91c7e39befe3f4378e0c1369"},{"fixed":"8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4c22fbcef778badb00fb8bb9f409daa29811c175"},{"fixed":"c7953cf03a26876d676145ce5d2ae6d8c9630b90"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"db9aaa3026298d652e98f777bc0f5756e2455dda"},{"fixed":"138d4f739b35dfb40438a0d5d7054965763bfbe7"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c9e952871ae47af784b4aef0a77db02e557074d6"},{"fixed":"21829376268397f9fd2c35cfa9135937b6aa3a1e"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"fb4ff0f96de37c44236598e8b53fe43b1df36bf3"},{"fixed":"28bc0267399f42f987916a7174e2e32f0833cc65"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2da3b0ab54fb7f4d7c5a82757246d0ee33a47197"},{"fixed":"56b38e3ca4064041d93c1ca18828c8cedad2e16c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2724ebafda0a8df08a9cb91557d33226bee80f7b"},{"fixed":"df7e088d51cdf78b1a0bf1f3d405c2593295c7b0"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"38ea1eac7d88072bbffb630e2b3db83ca649b826"},{"fixed":"65f3324f4b6fed78b8761c3b74615ecf0ffa81fa"}]}],"versions":["v4.9.307","v4.9.306","v4.9.305","v4.9.304","v4.9.303","v4.9.302","v4.14.272","v4.14.271","v4.14.270","v4.14.269","v4.14.268","v4.14.267","v4.19.235","v4.19.234","v4.19.233","v4.19.232","v4.19.231","v4.19.230","v5.4.186","v5.4.185","v5.4.184","v5.4.183","v5.4.182","v5.4.181","v5.4.180","v5.10.107","v5.10.106","v5.10.105","v5.10.104","v5.10.103","v5.10.102","v5.10.101","v5.15.30","v5.15.29","v5.15.28","v5.15.27","v5.15.26","v5.15.25","v5.15.24","v5.16.16","v5.16.15","v5.16.14","v5.16.13","v5.16.12","v5.16.11","v5.16.10"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48837.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.9.302"},{"fixed":"4.9.308"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.14.267"},{"fixed":"4.14.273"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.19.230"},{"fixed":"4.19.236"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.4.180"},{"fixed":"5.4.187"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.10.101"},{"fixed":"5.10.108"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.15.24"},{"fixed":"5.15.31"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.10"},{"fixed":"5.16.17"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48837.json"}}],"schema_version":"1.7.5"}