CVE-2022-48743
net: amd-xgbe: Fix skb data length underflow
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
20 Jun 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
net: amd-xgbe: Fix skb data length underflow
There will be BUG_ON() triggered in include/linux/skbuff.h leading to
intermittent kernel panic, when the skb length underflow is detected.
Fix this by dropping the packet if such length underflows are seen
because of inconsistencies in the hardware descriptors.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://git.kernel.org/stable/c/34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26https://git.kernel.org/stable/c/4d3fcfe8464838b3920bc2b939d888e0b792934ehttps://git.kernel.org/stable/c/5aac9108a180fc06e28d4e7fb00247ce603b72eehttps://git.kernel.org/stable/c/617f9934bb37993b9813832516f318ba874bcb7dhttps://git.kernel.org/stable/c/9892742f035f7aa7dcd2bb0750effa486db89576https://git.kernel.org/stable/c/9924c80bd484340191e586110ca22bff23a49f2ehttps://git.kernel.org/stable/c/db6fd92316a254be2097556f01bccecf560e53cehttps://git.kernel.org/stable/c/e8f73f620fee5f52653ed2da360121e4446575c5