CVE-2022-48632

April 28, 2024, 1:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() memcpy() is called in a loop while 'operation->length' upper bound is not checked and 'data_idx' also increments.

Product(s) Impacted

Product Versions
Linux kernel

Weaknesses

References

https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8
https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e
https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2
https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b

Tags

Date

  • Published: April 28, 2024, 1:15 p.m.
  • Last Modified: April 28, 2024, 1:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.