{"id":"CVE-2022-48837","summary":"usb: gadget: rndis: prevent integer overflow in rndis_set_response()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: rndis: prevent integer overflow in rndis_set_response()\n\nIf \"BufOffset\" is very large the \"BufOffset + 8\" operation can have an\ninteger overflow.","modified":"2026-03-20T12:21:55.648842Z","published":"2024-07-16T12:25:09.212Z","related":["SUSE-SU-2024:2894-1","SUSE-SU-2024:2902-1","SUSE-SU-2024:2929-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2947-1","SUSE-SU-2024:3225-1","SUSE-SU-2024:3249-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48837.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/138d4f739b35dfb40438a0d5d7054965763bfbe7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/21829376268397f9fd2c35cfa9135937b6aa3a1e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/28bc0267399f42f987916a7174e2e32f0833cc65"},{"type":"WEB","url":"https://git.kernel.org/stable/c/56b38e3ca4064041d93c1ca18828c8cedad2e16c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/65f3324f4b6fed78b8761c3b74615ecf0ffa81fa"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c7953cf03a26876d676145ce5d2ae6d8c9630b90"},{"type":"WEB","url":"https://git.kernel.org/stable/c/df7e088d51cdf78b1a0bf1f3d405c2593295c7b0"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48837.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48837"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"ff0a90739925734c91c7e39befe3f4378e0c1369"},{"fixed":"8b3e4d26bc9cd0f6373d0095b9ffd99e7da8006b"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4c22fbcef778badb00fb8bb9f409daa29811c175"},{"fixed":"c7953cf03a26876d676145ce5d2ae6d8c9630b90"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"db9aaa3026298d652e98f777bc0f5756e2455dda"},{"fixed":"138d4f739b35dfb40438a0d5d7054965763bfbe7"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c9e952871ae47af784b4aef0a77db02e557074d6"},{"fixed":"21829376268397f9fd2c35cfa9135937b6aa3a1e"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"fb4ff0f96de37c44236598e8b53fe43b1df36bf3"},{"fixed":"28bc0267399f42f987916a7174e2e32f0833cc65"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2da3b0ab54fb7f4d7c5a82757246d0ee33a47197"},{"fixed":"56b38e3ca4064041d93c1ca18828c8cedad2e16c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2724ebafda0a8df08a9cb91557d33226bee80f7b"},{"fixed":"df7e088d51cdf78b1a0bf1f3d405c2593295c7b0"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"38ea1eac7d88072bbffb630e2b3db83ca649b826"},{"fixed":"65f3324f4b6fed78b8761c3b74615ecf0ffa81fa"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48837.json"}}],"schema_version":"1.7.5"}