{"id":"CVE-2022-48938","summary":"CDC-NCM: avoid overflow in sanity checking","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nCDC-NCM: avoid overflow in sanity checking\n\nA broken device may give an extreme offset like 0xFFF0\nand a reasonable length for a fragment. In the sanity\ncheck as formulated now, this will create an integer\noverflow, defeating the sanity check. Both offset\nand offset + len need to be checked in such a manner\nthat no overflow can occur.\nAnd those quantities should be unsigned.","modified":"2026-04-11T11:56:37.041907Z","published":"2024-08-22T03:31:33.381Z","related":["SUSE-SU-2024:3189-1","SUSE-SU-2024:3190-1","SUSE-SU-2024:3209-1","SUSE-SU-2024:3227-1","SUSE-SU-2024:3251-1","SUSE-SU-2024:3252-1","SUSE-SU-2024:3408-1","SUSE-SU-2024:3483-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48938.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/49909c9f8458cacb5b241106cba65aba5a6d8f4c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/69560efa001397ebb8dc1c3e6a3ce00302bb9f7f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7b737e47b87589031f0d4657f6d7b0b770474925"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8d2b1a1ec9f559d30b724877da4ce592edc41fdc"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9957fbf34f52a4d8945d1bf39aae400ef9a11246"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a612395c7631918e0e10ea48b9ce5ab4340f26a6"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48938.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48938"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4ca8b8855264cf1439cdab3da7049bd1e3c2a9e6"},{"fixed":"a612395c7631918e0e10ea48b9ce5ab4340f26a6"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a270ca35a9499b58366d696d3290eaa4697a42db"},{"fixed":"9957fbf34f52a4d8945d1bf39aae400ef9a11246"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0fa81b304a7973a499f844176ca031109487dd31"},{"fixed":"69560efa001397ebb8dc1c3e6a3ce00302bb9f7f"},{"fixed":"49909c9f8458cacb5b241106cba65aba5a6d8f4c"},{"fixed":"7b737e47b87589031f0d4657f6d7b0b770474925"},{"fixed":"8d2b1a1ec9f559d30b724877da4ce592edc41fdc"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"8cf7db86a8984ffa3a3388a8df12bc0aa4c79bd7"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48938.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.19.323"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.285"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.103"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.7.0"},{"fixed":"5.15.26"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.16.12"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48938.json"}}],"schema_version":"1.7.5"}