Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2025-AVI-0072
Vulnerability from certfr_avis - Published: 2025-01-27 - Updated: 2025-01-27
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Secure Analytics | Juniper Secure Analytics versions antérieures à 7.5.0 UP10 IF02 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Juniper Secure Analytics versions ant\u00e9rieures \u00e0 7.5.0 UP10 IF02",
"product": {
"name": "Secure Analytics",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-52471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52471"
},
{
"name": "CVE-2023-4692",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4692"
},
{
"name": "CVE-2021-47304",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47304"
},
{
"name": "CVE-2022-48632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48632"
},
{
"name": "CVE-2021-47284",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47284"
},
{
"name": "CVE-2021-46939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46939"
},
{
"name": "CVE-2022-48743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48743"
},
{
"name": "CVE-2023-28746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28746"
},
{
"name": "CVE-2021-47461",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47461"
},
{
"name": "CVE-2021-47579",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47579"
},
{
"name": "CVE-2021-47373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47373"
},
{
"name": "CVE-2023-52469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
},
{
"name": "CVE-2021-47468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47468"
},
{
"name": "CVE-2023-52451",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52451"
},
{
"name": "CVE-2021-47624",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47624"
},
{
"name": "CVE-2022-48757",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48757"
},
{
"name": "CVE-2021-47018",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47018"
},
{
"name": "CVE-2023-4693",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4693"
},
{
"name": "CVE-2021-47408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47408"
},
{
"name": "CVE-2022-48747",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48747"
},
{
"name": "CVE-2021-47491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47491"
},
{
"name": "CVE-2021-47548",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47548"
},
{
"name": "CVE-2023-52463",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52463"
},
{
"name": "CVE-2021-47257",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47257"
}
],
"initial_release_date": "2025-01-27T00:00:00",
"last_revision_date": "2025-01-27T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0072",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-27T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Secure Analytics",
"vendor_advisories": [
{
"published_at": "2025-01-24",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA93839",
"url": "https://supportportal.juniper.net/s/article/On-Demand-JSA-Series-Multiple-vulnerabilities-resolved-in-Juniper-Secure-Analytics-in-7-5-0-UP10-IF02"
}
]
}
CVE-2021-47548 (GCVE-0-2021-47548)
Vulnerability from cvelistv5 – Published: 2024-05-24 15:09 – Updated: 2026-05-11 13:56
VLAI
EPSS
Title
ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()
Summary
In the Linux kernel, the following vulnerability has been resolved:
ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()
The if statement:
if (port >= DSAF_GE_NUM)
return;
limits the value of port less than DSAF_GE_NUM (i.e., 8).
However, if the value of port is 6 or 7, an array overflow could occur:
port_rst_off = dsaf_dev->mac_cb[port]->port_rst_off;
because the length of dsaf_dev->mac_cb is DSAF_MAX_PORT_NUM (i.e., 6).
To fix this possible array overflow, we first check port and if it is
greater than or equal to DSAF_MAX_PORT_NUM, the function returns.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-129 - Improper Validation of Array Index
Assigner
References
7 references
Impacted products
16 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
850bfa3b78ea8849fef78ed74f5f2ccf947db0ca , < 948968f8747650447c8f21c9fdba0e1973be040b
(git)
Affected: 850bfa3b78ea8849fef78ed74f5f2ccf947db0ca , < abbd5faa0748d0aa95d5191d56ff7a17a6275bd1 (git) Affected: 850bfa3b78ea8849fef78ed74f5f2ccf947db0ca , < dd07f8971b81ad98cc754b179b331b57f35aa1ff (git) Affected: 850bfa3b78ea8849fef78ed74f5f2ccf947db0ca , < 99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d (git) Affected: 850bfa3b78ea8849fef78ed74f5f2ccf947db0ca , < 22519eff7df2d88adcc2568d86046ce1e2b52803 (git) Affected: 850bfa3b78ea8849fef78ed74f5f2ccf947db0ca , < fc7ffa7f10b9454a86369405d9814bf141b30627 (git) Affected: 850bfa3b78ea8849fef78ed74f5f2ccf947db0ca , < a66998e0fbf213d47d02813b9679426129d0d114 (git) |
|
| Linux | Linux |
Affected:
4.7
Unaffected: 0 , < 4.7 (semver) Unaffected: 4.9.292 , ≤ 4.9.* (semver) Unaffected: 4.14.257 , ≤ 4.14.* (semver) Unaffected: 4.19.220 , ≤ 4.19.* (semver) Unaffected: 5.4.164 , ≤ 5.4.* (semver) Unaffected: 5.10.84 , ≤ 5.10.* (semver) Unaffected: 5.15.7 , ≤ 5.15.* (semver) Unaffected: 5.16 , ≤ * (original_commit_for_fix) |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < 948968f87476
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < abbd5faa0748
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < dd07f8971b81
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < 99bb25cb6753
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < 22519eff7df2
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < fc7ffa7f10b9
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < a66998e0fbf2
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
4.9.292 , ≤ 4.9.*
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
4.14.257 , ≤ 4.14*
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
4.19.220 , ≤ 4.19.*
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
5.4.164 , ≤ 5.4.*
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
5.10.84 , ≤ 5.10.*
(custom)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
5.15.7 , ≤ 5.15.*
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
5.16
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "948968f87476",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "abbd5faa0748",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "dd07f8971b81",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "99bb25cb6753",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "22519eff7df2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "fc7ffa7f10b9",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "a66998e0fbf2",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.292",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "4.14*",
"status": "unaffected",
"version": "4.14.257",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.220",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.164",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.84",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.7",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "5.16"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-47548",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-05T14:45:02.339644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-129",
"description": "CWE-129 Improper Validation of Array Index",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T14:45:10.947Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/abbd5faa0748d0aa95d5191d56ff7a17a6275bd1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dd07f8971b81ad98cc754b179b331b57f35aa1ff"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/22519eff7df2d88adcc2568d86046ce1e2b52803"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fc7ffa7f10b9454a86369405d9814bf141b30627"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/a66998e0fbf213d47d02813b9679426129d0d114"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/hisilicon/hns/hns_dsaf_misc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "948968f8747650447c8f21c9fdba0e1973be040b",
"status": "affected",
"version": "850bfa3b78ea8849fef78ed74f5f2ccf947db0ca",
"versionType": "git"
},
{
"lessThan": "abbd5faa0748d0aa95d5191d56ff7a17a6275bd1",
"status": "affected",
"version": "850bfa3b78ea8849fef78ed74f5f2ccf947db0ca",
"versionType": "git"
},
{
"lessThan": "dd07f8971b81ad98cc754b179b331b57f35aa1ff",
"status": "affected",
"version": "850bfa3b78ea8849fef78ed74f5f2ccf947db0ca",
"versionType": "git"
},
{
"lessThan": "99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d",
"status": "affected",
"version": "850bfa3b78ea8849fef78ed74f5f2ccf947db0ca",
"versionType": "git"
},
{
"lessThan": "22519eff7df2d88adcc2568d86046ce1e2b52803",
"status": "affected",
"version": "850bfa3b78ea8849fef78ed74f5f2ccf947db0ca",
"versionType": "git"
},
{
"lessThan": "fc7ffa7f10b9454a86369405d9814bf141b30627",
"status": "affected",
"version": "850bfa3b78ea8849fef78ed74f5f2ccf947db0ca",
"versionType": "git"
},
{
"lessThan": "a66998e0fbf213d47d02813b9679426129d0d114",
"status": "affected",
"version": "850bfa3b78ea8849fef78ed74f5f2ccf947db0ca",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/hisilicon/hns/hns_dsaf_misc.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.7"
},
{
"lessThan": "4.7",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.292",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.257",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.220",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.164",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.84",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.292",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.257",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.220",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.164",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.84",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.7",
"versionStartIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.16",
"versionStartIncluding": "4.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()\n\nThe if statement:\n if (port \u003e= DSAF_GE_NUM)\n return;\n\nlimits the value of port less than DSAF_GE_NUM (i.e., 8).\nHowever, if the value of port is 6 or 7, an array overflow could occur:\n port_rst_off = dsaf_dev-\u003emac_cb[port]-\u003eport_rst_off;\n\nbecause the length of dsaf_dev-\u003emac_cb is DSAF_MAX_PORT_NUM (i.e., 6).\n\nTo fix this possible array overflow, we first check port and if it is\ngreater than or equal to DSAF_MAX_PORT_NUM, the function returns."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T13:56:45.302Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/948968f8747650447c8f21c9fdba0e1973be040b"
},
{
"url": "https://git.kernel.org/stable/c/abbd5faa0748d0aa95d5191d56ff7a17a6275bd1"
},
{
"url": "https://git.kernel.org/stable/c/dd07f8971b81ad98cc754b179b331b57f35aa1ff"
},
{
"url": "https://git.kernel.org/stable/c/99bb25cb6753beaf2c2bc37927c2ecc0ceff3f6d"
},
{
"url": "https://git.kernel.org/stable/c/22519eff7df2d88adcc2568d86046ce1e2b52803"
},
{
"url": "https://git.kernel.org/stable/c/fc7ffa7f10b9454a86369405d9814bf141b30627"
},
{
"url": "https://git.kernel.org/stable/c/a66998e0fbf213d47d02813b9679426129d0d114"
}
],
"title": "ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47548",
"datePublished": "2024-05-24T15:09:52.634Z",
"dateReserved": "2024-05-24T15:02:54.829Z",
"dateUpdated": "2026-05-11T13:56:45.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-47579 (GCVE-0-2021-47579)
Vulnerability from cvelistv5 – Published: 2024-06-19 14:53 – Updated: 2026-05-11 13:57
VLAI
EPSS
Title
ovl: fix warning in ovl_create_real()
Summary
In the Linux kernel, the following vulnerability has been resolved:
ovl: fix warning in ovl_create_real()
Syzbot triggered the following warning in ovl_workdir_create() ->
ovl_create_real():
if (!err && WARN_ON(!newdentry->d_inode)) {
The reason is that the cgroup2 filesystem returns from mkdir without
instantiating the new dentry.
Weird filesystems such as this will be rejected by overlayfs at a later
stage during setup, but to prevent such a warning, call ovl_mkdir_real()
directly from ovl_workdir_create() and reject this case early.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c , < 445d2dc63e5871d218f21b8f62ab29ac72f2e6b8
(git)
Affected: e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c , < f9f300a92297be8250547347fd52216ef0177ae0 (git) Affected: e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c , < 6859985a2fbda5d1586bf44538853e1be69e85f7 (git) Affected: e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c , < d2ccdd4e4efab06178608a34d7bfb20a54104c02 (git) Affected: e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c , < 1f5573cfe7a7056e80a92c7a037a3e69f3a13d1c (git) |
|
| Linux | Linux |
Affected:
3.18
Unaffected: 0 , < 3.18 (semver) Unaffected: 4.19.222 , ≤ 4.19.* (semver) Unaffected: 5.4.168 , ≤ 5.4.* (semver) Unaffected: 5.10.88 , ≤ 5.10.* (semver) Unaffected: 5.15.11 , ≤ 5.15.* (semver) Unaffected: 5.16 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/445d2dc63e5871d218f21b8f62ab29ac72f2e6b8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f9f300a92297be8250547347fd52216ef0177ae0"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6859985a2fbda5d1586bf44538853e1be69e85f7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d2ccdd4e4efab06178608a34d7bfb20a54104c02"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/1f5573cfe7a7056e80a92c7a037a3e69f3a13d1c"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47579",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:12:49.599246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:52.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"fs/overlayfs/dir.c",
"fs/overlayfs/overlayfs.h",
"fs/overlayfs/super.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "445d2dc63e5871d218f21b8f62ab29ac72f2e6b8",
"status": "affected",
"version": "e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c",
"versionType": "git"
},
{
"lessThan": "f9f300a92297be8250547347fd52216ef0177ae0",
"status": "affected",
"version": "e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c",
"versionType": "git"
},
{
"lessThan": "6859985a2fbda5d1586bf44538853e1be69e85f7",
"status": "affected",
"version": "e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c",
"versionType": "git"
},
{
"lessThan": "d2ccdd4e4efab06178608a34d7bfb20a54104c02",
"status": "affected",
"version": "e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c",
"versionType": "git"
},
{
"lessThan": "1f5573cfe7a7056e80a92c7a037a3e69f3a13d1c",
"status": "affected",
"version": "e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"fs/overlayfs/dir.c",
"fs/overlayfs/overlayfs.h",
"fs/overlayfs/super.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "3.18"
},
{
"lessThan": "3.18",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.222",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.168",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.88",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.11",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.222",
"versionStartIncluding": "3.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.168",
"versionStartIncluding": "3.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.88",
"versionStartIncluding": "3.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.11",
"versionStartIncluding": "3.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.16",
"versionStartIncluding": "3.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix warning in ovl_create_real()\n\nSyzbot triggered the following warning in ovl_workdir_create() -\u003e\novl_create_real():\n\n\tif (!err \u0026\u0026 WARN_ON(!newdentry-\u003ed_inode)) {\n\nThe reason is that the cgroup2 filesystem returns from mkdir without\ninstantiating the new dentry.\n\nWeird filesystems such as this will be rejected by overlayfs at a later\nstage during setup, but to prevent such a warning, call ovl_mkdir_real()\ndirectly from ovl_workdir_create() and reject this case early."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T13:57:17.709Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/445d2dc63e5871d218f21b8f62ab29ac72f2e6b8"
},
{
"url": "https://git.kernel.org/stable/c/f9f300a92297be8250547347fd52216ef0177ae0"
},
{
"url": "https://git.kernel.org/stable/c/6859985a2fbda5d1586bf44538853e1be69e85f7"
},
{
"url": "https://git.kernel.org/stable/c/d2ccdd4e4efab06178608a34d7bfb20a54104c02"
},
{
"url": "https://git.kernel.org/stable/c/1f5573cfe7a7056e80a92c7a037a3e69f3a13d1c"
}
],
"title": "ovl: fix warning in ovl_create_real()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47579",
"datePublished": "2024-06-19T14:53:46.750Z",
"dateReserved": "2024-05-24T15:11:00.730Z",
"dateUpdated": "2026-05-11T13:57:17.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-47624 (GCVE-0-2021-47624)
Vulnerability from cvelistv5 – Published: 2024-07-16 11:29 – Updated: 2026-05-11 13:58
VLAI
EPSS
Title
net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change
Summary
In the Linux kernel, the following vulnerability has been resolved:
net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change
The refcount leak issues take place in an error handling path. When the
3rd argument buf doesn't match with "offline", "online" or "remove", the
function simply returns -EINVAL and forgets to decrease the reference
count of a rpc_xprt object and a rpc_xprt_switch object increased by
rpc_sysfs_xprt_kobj_get_xprt() and
rpc_sysfs_xprt_kobj_get_xprt_switch(), causing reference count leaks of
both unused objects.
Fix this issue by jumping to the error handling path labelled with
out_put when buf matches none of "offline", "online" or "remove".
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
5b7eb78486cd9ac58bfbd6d84ea0fe2d9fead03b , < 4b22aa42bd4d2d630ef1854c139275c3532937cb
(git)
Affected: 5b7eb78486cd9ac58bfbd6d84ea0fe2d9fead03b , < 5f6024c05a2c0fdd180b29395aaf686d25af3a0f (git) Affected: 5b7eb78486cd9ac58bfbd6d84ea0fe2d9fead03b , < 776d794f28c95051bc70405a7b1fa40115658a18 (git) |
|
| Linux | Linux |
Affected:
5.14
Unaffected: 0 , < 5.14 (semver) Unaffected: 5.15.24 , ≤ 5.15.* (semver) Unaffected: 5.16.10 , ≤ 5.16.* (semver) Unaffected: 5.17 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:47:40.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4b22aa42bd4d2d630ef1854c139275c3532937cb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5f6024c05a2c0fdd180b29395aaf686d25af3a0f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/776d794f28c95051bc70405a7b1fa40115658a18"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47624",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T16:59:55.305965Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:16.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sunrpc/sysfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4b22aa42bd4d2d630ef1854c139275c3532937cb",
"status": "affected",
"version": "5b7eb78486cd9ac58bfbd6d84ea0fe2d9fead03b",
"versionType": "git"
},
{
"lessThan": "5f6024c05a2c0fdd180b29395aaf686d25af3a0f",
"status": "affected",
"version": "5b7eb78486cd9ac58bfbd6d84ea0fe2d9fead03b",
"versionType": "git"
},
{
"lessThan": "776d794f28c95051bc70405a7b1fa40115658a18",
"status": "affected",
"version": "5b7eb78486cd9ac58bfbd6d84ea0fe2d9fead03b",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sunrpc/sysfs.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.24",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.24",
"versionStartIncluding": "5.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.16.10",
"versionStartIncluding": "5.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.17",
"versionStartIncluding": "5.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change\n\nThe refcount leak issues take place in an error handling path. When the\n3rd argument buf doesn\u0027t match with \"offline\", \"online\" or \"remove\", the\nfunction simply returns -EINVAL and forgets to decrease the reference\ncount of a rpc_xprt object and a rpc_xprt_switch object increased by\nrpc_sysfs_xprt_kobj_get_xprt() and\nrpc_sysfs_xprt_kobj_get_xprt_switch(), causing reference count leaks of\nboth unused objects.\n\nFix this issue by jumping to the error handling path labelled with\nout_put when buf matches none of \"offline\", \"online\" or \"remove\"."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T13:58:06.706Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4b22aa42bd4d2d630ef1854c139275c3532937cb"
},
{
"url": "https://git.kernel.org/stable/c/5f6024c05a2c0fdd180b29395aaf686d25af3a0f"
},
{
"url": "https://git.kernel.org/stable/c/776d794f28c95051bc70405a7b1fa40115658a18"
}
],
"title": "net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47624",
"datePublished": "2024-07-16T11:29:39.903Z",
"dateReserved": "2024-07-16T11:26:52.956Z",
"dateUpdated": "2026-05-11T13:58:06.706Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-48632 (GCVE-0-2022-48632)
Vulnerability from cvelistv5 – Published: 2024-04-28 12:59 – Updated: 2026-05-11 18:44
VLAI
EPSS
Title
i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()
Summary
In the Linux kernel, the following vulnerability has been resolved:
i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()
memcpy() is called in a loop while 'operation->length' upper bound
is not checked and 'data_idx' also increments.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
b5b5b32081cd206baa6e58cca7f112d9723785d6 , < 48ee0a864d1af02eea98fc825cc230d61517a71e
(git)
Affected: b5b5b32081cd206baa6e58cca7f112d9723785d6 , < dc2a0c587006f29b724069740c48654b9dcaebd2 (git) Affected: b5b5b32081cd206baa6e58cca7f112d9723785d6 , < 3b5ab5fbe69ebbee5692c72b05071a43fc0655d8 (git) Affected: b5b5b32081cd206baa6e58cca7f112d9723785d6 , < de24aceb07d426b6f1c59f33889d6a964770547b (git) |
|
| Linux | Linux |
Affected:
5.10
Unaffected: 0 , < 5.10 (semver) Unaffected: 5.10.146 , ≤ 5.10.* (semver) Unaffected: 5.15.71 , ≤ 5.15.* (semver) Unaffected: 5.19.12 , ≤ 5.19.* (semver) Unaffected: 6.0 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:17:55.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48632",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:46:27.328258Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:33:12.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/i2c/busses/i2c-mlxbf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "48ee0a864d1af02eea98fc825cc230d61517a71e",
"status": "affected",
"version": "b5b5b32081cd206baa6e58cca7f112d9723785d6",
"versionType": "git"
},
{
"lessThan": "dc2a0c587006f29b724069740c48654b9dcaebd2",
"status": "affected",
"version": "b5b5b32081cd206baa6e58cca7f112d9723785d6",
"versionType": "git"
},
{
"lessThan": "3b5ab5fbe69ebbee5692c72b05071a43fc0655d8",
"status": "affected",
"version": "b5b5b32081cd206baa6e58cca7f112d9723785d6",
"versionType": "git"
},
{
"lessThan": "de24aceb07d426b6f1c59f33889d6a964770547b",
"status": "affected",
"version": "b5b5b32081cd206baa6e58cca7f112d9723785d6",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/i2c/busses/i2c-mlxbf.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.10"
},
{
"lessThan": "5.10",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.146",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.71",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.19.*",
"status": "unaffected",
"version": "5.19.12",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.0",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.146",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.71",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.19.12",
"versionStartIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0",
"versionStartIncluding": "5.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()\n\nmemcpy() is called in a loop while \u0027operation-\u003elength\u0027 upper bound\nis not checked and \u0027data_idx\u0027 also increments."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T18:44:07.544Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e"
},
{
"url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2"
},
{
"url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8"
},
{
"url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b"
}
],
"title": "i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48632",
"datePublished": "2024-04-28T12:59:10.481Z",
"dateReserved": "2024-02-25T13:44:28.315Z",
"dateUpdated": "2026-05-11T18:44:07.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-48743 (GCVE-0-2022-48743)
Vulnerability from cvelistv5 – Published: 2024-06-20 11:13 – Updated: 2026-05-23 15:20
VLAI
EPSS
Title
net: amd-xgbe: Fix skb data length underflow
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: amd-xgbe: Fix skb data length underflow
There will be BUG_ON() triggered in include/linux/skbuff.h leading to
intermittent kernel panic, when the skb length underflow is detected.
Fix this by dropping the packet if such length underflows are seen
because of inconsistencies in the hardware descriptors.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
8 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
fafc9555d87a19c78bcd43ed731c3a73bf0b37a9 , < 9924c80bd484340191e586110ca22bff23a49f2e
(git)
Affected: 622c36f143fc9566ba49d7cec994c2da1182d9e2 , < 617f9934bb37993b9813832516f318ba874bcb7d (git) Affected: 622c36f143fc9566ba49d7cec994c2da1182d9e2 , < 34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26 (git) Affected: 622c36f143fc9566ba49d7cec994c2da1182d9e2 , < 9892742f035f7aa7dcd2bb0750effa486db89576 (git) Affected: 622c36f143fc9566ba49d7cec994c2da1182d9e2 , < 4d3fcfe8464838b3920bc2b939d888e0b792934e (git) Affected: 622c36f143fc9566ba49d7cec994c2da1182d9e2 , < db6fd92316a254be2097556f01bccecf560e53ce (git) Affected: 622c36f143fc9566ba49d7cec994c2da1182d9e2 , < e8f73f620fee5f52653ed2da360121e4446575c5 (git) Affected: 622c36f143fc9566ba49d7cec994c2da1182d9e2 , < 5aac9108a180fc06e28d4e7fb00247ce603b72ee (git) Affected: ae43f9360a21b35cf785ae9a0fdce524d7af0938 (git) Affected: ae9d577f3dbb686862b7d0dc9cc73054f0964d4d (git) Affected: 4.9.19 , < 4.9.300 (semver) Affected: 4.4.58 , < 4.5 (semver) Affected: 4.10.7 , < 4.11 (semver) |
|
| Linux | Linux |
Affected:
4.11
Unaffected: 0 , < 4.11 (semver) Unaffected: 4.9.300 , ≤ 4.9.* (semver) Unaffected: 4.14.265 , ≤ 4.14.* (semver) Unaffected: 4.19.228 , ≤ 4.19.* (semver) Unaffected: 5.4.177 , ≤ 5.4.* (semver) Unaffected: 5.10.97 , ≤ 5.10.* (semver) Unaffected: 5.15.20 , ≤ 5.15.* (semver) Unaffected: 5.16.6 , ≤ 5.16.* (semver) Unaffected: 5.17 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48743",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-20T13:32:55.523566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:56:44.967Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.057Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9924c80bd484340191e586110ca22bff23a49f2e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/617f9934bb37993b9813832516f318ba874bcb7d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/9892742f035f7aa7dcd2bb0750effa486db89576"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4d3fcfe8464838b3920bc2b939d888e0b792934e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/db6fd92316a254be2097556f01bccecf560e53ce"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e8f73f620fee5f52653ed2da360121e4446575c5"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5aac9108a180fc06e28d4e7fb00247ce603b72ee"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/amd/xgbe/xgbe-drv.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "9924c80bd484340191e586110ca22bff23a49f2e",
"status": "affected",
"version": "fafc9555d87a19c78bcd43ed731c3a73bf0b37a9",
"versionType": "git"
},
{
"lessThan": "617f9934bb37993b9813832516f318ba874bcb7d",
"status": "affected",
"version": "622c36f143fc9566ba49d7cec994c2da1182d9e2",
"versionType": "git"
},
{
"lessThan": "34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26",
"status": "affected",
"version": "622c36f143fc9566ba49d7cec994c2da1182d9e2",
"versionType": "git"
},
{
"lessThan": "9892742f035f7aa7dcd2bb0750effa486db89576",
"status": "affected",
"version": "622c36f143fc9566ba49d7cec994c2da1182d9e2",
"versionType": "git"
},
{
"lessThan": "4d3fcfe8464838b3920bc2b939d888e0b792934e",
"status": "affected",
"version": "622c36f143fc9566ba49d7cec994c2da1182d9e2",
"versionType": "git"
},
{
"lessThan": "db6fd92316a254be2097556f01bccecf560e53ce",
"status": "affected",
"version": "622c36f143fc9566ba49d7cec994c2da1182d9e2",
"versionType": "git"
},
{
"lessThan": "e8f73f620fee5f52653ed2da360121e4446575c5",
"status": "affected",
"version": "622c36f143fc9566ba49d7cec994c2da1182d9e2",
"versionType": "git"
},
{
"lessThan": "5aac9108a180fc06e28d4e7fb00247ce603b72ee",
"status": "affected",
"version": "622c36f143fc9566ba49d7cec994c2da1182d9e2",
"versionType": "git"
},
{
"status": "affected",
"version": "ae43f9360a21b35cf785ae9a0fdce524d7af0938",
"versionType": "git"
},
{
"status": "affected",
"version": "ae9d577f3dbb686862b7d0dc9cc73054f0964d4d",
"versionType": "git"
},
{
"lessThan": "4.9.300",
"status": "affected",
"version": "4.9.19",
"versionType": "semver"
},
{
"lessThan": "4.5",
"status": "affected",
"version": "4.4.58",
"versionType": "semver"
},
{
"lessThan": "4.11",
"status": "affected",
"version": "4.10.7",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/ethernet/amd/xgbe/xgbe-drv.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.11"
},
{
"lessThan": "4.11",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.300",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.177",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.97",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.20",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.300",
"versionStartIncluding": "4.9.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.265",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.228",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.177",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.97",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.20",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.16.6",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.17",
"versionStartIncluding": "4.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: amd-xgbe: Fix skb data length underflow\n\nThere will be BUG_ON() triggered in include/linux/skbuff.h leading to\nintermittent kernel panic, when the skb length underflow is detected.\n\nFix this by dropping the packet if such length underflows are seen\nbecause of inconsistencies in the hardware descriptors."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:20:35.419Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/9924c80bd484340191e586110ca22bff23a49f2e"
},
{
"url": "https://git.kernel.org/stable/c/617f9934bb37993b9813832516f318ba874bcb7d"
},
{
"url": "https://git.kernel.org/stable/c/34aeb4da20f93ac80a6291a2dbe7b9c6460e9b26"
},
{
"url": "https://git.kernel.org/stable/c/9892742f035f7aa7dcd2bb0750effa486db89576"
},
{
"url": "https://git.kernel.org/stable/c/4d3fcfe8464838b3920bc2b939d888e0b792934e"
},
{
"url": "https://git.kernel.org/stable/c/db6fd92316a254be2097556f01bccecf560e53ce"
},
{
"url": "https://git.kernel.org/stable/c/e8f73f620fee5f52653ed2da360121e4446575c5"
},
{
"url": "https://git.kernel.org/stable/c/5aac9108a180fc06e28d4e7fb00247ce603b72ee"
}
],
"title": "net: amd-xgbe: Fix skb data length underflow",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48743",
"datePublished": "2024-06-20T11:13:27.312Z",
"dateReserved": "2024-06-20T11:09:39.054Z",
"dateUpdated": "2026-05-23T15:20:35.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-48747 (GCVE-0-2022-48747)
Vulnerability from cvelistv5 – Published: 2024-06-20 11:13 – Updated: 2026-05-23 15:20
VLAI
EPSS
Title
block: Fix wrong offset in bio_truncate()
Summary
In the Linux kernel, the following vulnerability has been resolved:
block: Fix wrong offset in bio_truncate()
bio_truncate() clears the buffer outside of last block of bdev, however
current bio_truncate() is using the wrong offset of page. So it can
return the uninitialized data.
This happened when both of truncated/corrupted FS and userspace (via
bdev) are trying to read the last of bdev.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-908 - Use of Uninitialized Resource
Assigner
References
Impacted products
12 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
943cd69efac437d82a7aea0659fccbcc071730de , < 6cbf4c731d7812518cd857c2cfc3da9fd120f6ae
(git)
Affected: 85a8ce62c2eabe28b9d76ca4eecf37922402df93 , < b63e120189fd92aff00096d11e2fc5253f60248b (git) Affected: 85a8ce62c2eabe28b9d76ca4eecf37922402df93 , < 4633a79ff8bc82770486a063a08b55e5162521d8 (git) Affected: 85a8ce62c2eabe28b9d76ca4eecf37922402df93 , < 941d5180c430ce5b0f7a3622ef9b76077bfa3d82 (git) Affected: 85a8ce62c2eabe28b9d76ca4eecf37922402df93 , < 3ee859e384d453d6ac68bfd5971f630d9fa46ad3 (git) Affected: 5.4.9 , < 5.4.176 (semver) |
|
| Linux | Linux |
Affected:
5.5
Unaffected: 0 , < 5.5 (semver) Unaffected: 5.4.176 , ≤ 5.4.* (semver) Unaffected: 5.10.96 , ≤ 5.10.* (semver) Unaffected: 5.15.19 , ≤ 5.15.* (semver) Unaffected: 5.16.5 , ≤ 5.16.* (semver) Unaffected: 5.17 , ≤ * (original_commit_for_fix) |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < 6cbf4c731d78
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < b63e120189fd
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < 4633a79ff8bc
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < 941d5180c430
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
1da177e4c3f4 , < 3ee859e384d4
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
5.4.176 , ≤ 5.5
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
5.10.96 , ≤ 5.11
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
5.15.19 , ≤ 5.16
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
5.16.5 , ≤ 5.17
(custom)
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Unaffected:
5.17
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "6cbf4c731d78",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "b63e120189fd",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "4633a79ff8bc",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "941d5180c430",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3ee859e384d4",
"status": "affected",
"version": "1da177e4c3f4",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "unaffected",
"version": "5.4.176",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.11",
"status": "unaffected",
"version": "5.10.96",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.16",
"status": "unaffected",
"version": "5.15.19",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThanOrEqual": "5.17",
"status": "unaffected",
"version": "5.16.5",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"status": "unaffected",
"version": "5.17"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48747",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T14:56:40.641058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908 Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T13:28:21.215Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6cbf4c731d7812518cd857c2cfc3da9fd120f6ae"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b63e120189fd92aff00096d11e2fc5253f60248b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/4633a79ff8bc82770486a063a08b55e5162521d8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/941d5180c430ce5b0f7a3622ef9b76077bfa3d82"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/3ee859e384d453d6ac68bfd5971f630d9fa46ad3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"block/bio.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6cbf4c731d7812518cd857c2cfc3da9fd120f6ae",
"status": "affected",
"version": "943cd69efac437d82a7aea0659fccbcc071730de",
"versionType": "git"
},
{
"lessThan": "b63e120189fd92aff00096d11e2fc5253f60248b",
"status": "affected",
"version": "85a8ce62c2eabe28b9d76ca4eecf37922402df93",
"versionType": "git"
},
{
"lessThan": "4633a79ff8bc82770486a063a08b55e5162521d8",
"status": "affected",
"version": "85a8ce62c2eabe28b9d76ca4eecf37922402df93",
"versionType": "git"
},
{
"lessThan": "941d5180c430ce5b0f7a3622ef9b76077bfa3d82",
"status": "affected",
"version": "85a8ce62c2eabe28b9d76ca4eecf37922402df93",
"versionType": "git"
},
{
"lessThan": "3ee859e384d453d6ac68bfd5971f630d9fa46ad3",
"status": "affected",
"version": "85a8ce62c2eabe28b9d76ca4eecf37922402df93",
"versionType": "git"
},
{
"lessThan": "5.4.176",
"status": "affected",
"version": "5.4.9",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"block/bio.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.5"
},
{
"lessThan": "5.5",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.176",
"versionStartIncluding": "5.4.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.96",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.19",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.16.5",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.17",
"versionStartIncluding": "5.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix wrong offset in bio_truncate()\n\nbio_truncate() clears the buffer outside of last block of bdev, however\ncurrent bio_truncate() is using the wrong offset of page. So it can\nreturn the uninitialized data.\n\nThis happened when both of truncated/corrupted FS and userspace (via\nbdev) are trying to read the last of bdev."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-23T15:20:36.508Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/6cbf4c731d7812518cd857c2cfc3da9fd120f6ae"
},
{
"url": "https://git.kernel.org/stable/c/b63e120189fd92aff00096d11e2fc5253f60248b"
},
{
"url": "https://git.kernel.org/stable/c/4633a79ff8bc82770486a063a08b55e5162521d8"
},
{
"url": "https://git.kernel.org/stable/c/941d5180c430ce5b0f7a3622ef9b76077bfa3d82"
},
{
"url": "https://git.kernel.org/stable/c/3ee859e384d453d6ac68bfd5971f630d9fa46ad3"
}
],
"title": "block: Fix wrong offset in bio_truncate()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48747",
"datePublished": "2024-06-20T11:13:29.951Z",
"dateReserved": "2024-06-20T11:09:39.055Z",
"dateUpdated": "2026-05-23T15:20:36.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-48757 (GCVE-0-2022-48757)
Vulnerability from cvelistv5 – Published: 2024-06-20 11:13 – Updated: 2026-05-11 18:46
VLAI
EPSS
Title
net: fix information leakage in /proc/net/ptype
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: fix information leakage in /proc/net/ptype
In one net namespace, after creating a packet socket without binding
it to a device, users in other net namespaces can observe the new
`packet_type` added by this packet socket by reading `/proc/net/ptype`
file. This is minor information leakage as packet socket is
namespace aware.
Add a net pointer in `packet_type` to keep the net namespace of
of corresponding packet socket. In `ptype_seq_show`, this net pointer
must be checked when it is not NULL.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
9 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 , < 8f88c78d24f6f346919007cd459fd7e51a8c7779
(git)
Affected: 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 , < be1ca30331c7923c6f376610c1bd6059be9b1908 (git) Affected: 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 , < c38023032a598ec6263e008d62c7f02def72d5c7 (git) Affected: 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 , < b67ad6170c0ea87391bb253f35d1f78857736e54 (git) Affected: 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 , < e372ecd455b6ebc7720f52bf4b5f5d44d02f2092 (git) Affected: 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 , < db044d97460ea792110eb8b971e82569ded536c6 (git) Affected: 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 , < e43669c77cb3a742b7d84ecdc7c68c4167a7709b (git) Affected: 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 , < 839ec7039513a4f84bfbaff953a9393471176bee (git) Affected: 2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50 , < 47934e06b65637c88a762d9c98329ae6e3238888 (git) |
|
| Linux | Linux |
Affected:
2.6.26
Unaffected: 0 , < 2.6.26 (semver) Unaffected: 4.4.302 , ≤ 4.4.* (semver) Unaffected: 4.9.300 , ≤ 4.9.* (semver) Unaffected: 4.14.265 , ≤ 4.14.* (semver) Unaffected: 4.19.228 , ≤ 4.19.* (semver) Unaffected: 5.4.176 , ≤ 5.4.* (semver) Unaffected: 5.10.96 , ≤ 5.10.* (semver) Unaffected: 5.15.19 , ≤ 5.15.* (semver) Unaffected: 5.16.5 , ≤ 5.16.* (semver) Unaffected: 5.17 , ≤ * (original_commit_for_fix) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:25:01.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-48757",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T17:10:16.134809Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:34:47.482Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/linux/netdevice.h",
"net/core/net-procfs.c",
"net/packet/af_packet.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "8f88c78d24f6f346919007cd459fd7e51a8c7779",
"status": "affected",
"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50",
"versionType": "git"
},
{
"lessThan": "be1ca30331c7923c6f376610c1bd6059be9b1908",
"status": "affected",
"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50",
"versionType": "git"
},
{
"lessThan": "c38023032a598ec6263e008d62c7f02def72d5c7",
"status": "affected",
"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50",
"versionType": "git"
},
{
"lessThan": "b67ad6170c0ea87391bb253f35d1f78857736e54",
"status": "affected",
"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50",
"versionType": "git"
},
{
"lessThan": "e372ecd455b6ebc7720f52bf4b5f5d44d02f2092",
"status": "affected",
"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50",
"versionType": "git"
},
{
"lessThan": "db044d97460ea792110eb8b971e82569ded536c6",
"status": "affected",
"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50",
"versionType": "git"
},
{
"lessThan": "e43669c77cb3a742b7d84ecdc7c68c4167a7709b",
"status": "affected",
"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50",
"versionType": "git"
},
{
"lessThan": "839ec7039513a4f84bfbaff953a9393471176bee",
"status": "affected",
"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50",
"versionType": "git"
},
{
"lessThan": "47934e06b65637c88a762d9c98329ae6e3238888",
"status": "affected",
"version": "2feb27dbe00cbb4f7d31f90acf6bd0d751dd0a50",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/linux/netdevice.h",
"net/core/net-procfs.c",
"net/packet/af_packet.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.26"
},
{
"lessThan": "2.6.26",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.302",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.300",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.265",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.228",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.176",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.96",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.16.*",
"status": "unaffected",
"version": "5.16.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.302",
"versionStartIncluding": "2.6.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.300",
"versionStartIncluding": "2.6.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.265",
"versionStartIncluding": "2.6.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.228",
"versionStartIncluding": "2.6.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.176",
"versionStartIncluding": "2.6.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.96",
"versionStartIncluding": "2.6.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.19",
"versionStartIncluding": "2.6.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.16.5",
"versionStartIncluding": "2.6.26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.17",
"versionStartIncluding": "2.6.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix information leakage in /proc/net/ptype\n\nIn one net namespace, after creating a packet socket without binding\nit to a device, users in other net namespaces can observe the new\n`packet_type` added by this packet socket by reading `/proc/net/ptype`\nfile. This is minor information leakage as packet socket is\nnamespace aware.\n\nAdd a net pointer in `packet_type` to keep the net namespace of\nof corresponding packet socket. In `ptype_seq_show`, this net pointer\nmust be checked when it is not NULL."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T18:46:20.699Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/8f88c78d24f6f346919007cd459fd7e51a8c7779"
},
{
"url": "https://git.kernel.org/stable/c/be1ca30331c7923c6f376610c1bd6059be9b1908"
},
{
"url": "https://git.kernel.org/stable/c/c38023032a598ec6263e008d62c7f02def72d5c7"
},
{
"url": "https://git.kernel.org/stable/c/b67ad6170c0ea87391bb253f35d1f78857736e54"
},
{
"url": "https://git.kernel.org/stable/c/e372ecd455b6ebc7720f52bf4b5f5d44d02f2092"
},
{
"url": "https://git.kernel.org/stable/c/db044d97460ea792110eb8b971e82569ded536c6"
},
{
"url": "https://git.kernel.org/stable/c/e43669c77cb3a742b7d84ecdc7c68c4167a7709b"
},
{
"url": "https://git.kernel.org/stable/c/839ec7039513a4f84bfbaff953a9393471176bee"
},
{
"url": "https://git.kernel.org/stable/c/47934e06b65637c88a762d9c98329ae6e3238888"
}
],
"title": "net: fix information leakage in /proc/net/ptype",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-48757",
"datePublished": "2024-06-20T11:13:36.529Z",
"dateReserved": "2024-06-20T11:09:39.059Z",
"dateUpdated": "2026-05-11T18:46:20.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-28746 (GCVE-0-2023-28746)
Vulnerability from cvelistv5 – Published: 2024-03-14 16:45 – Updated: 2026-05-12 10:52
VLAI
EPSS
Summary
Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- information disclosure
- CWE-1342 - Information exposure through microarchitectural state after transient execution from some register files
Assigner
References
9 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) Atom(R) Processors |
Affected:
See references
|
|
| Siemens | SIMATIC S7-1500 TM MFP - GNU/Linux subsystem |
Affected:
0 , < *
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28746",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-14T18:58:08.088339Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:28:56.120Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-04-26T20:03:13.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/12/13"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
},
{
"url": "http://xenbits.xen.org/xsa/advisory-452.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T10:52:19.004Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Atom(R) Processors",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en"
},
{
"cweId": "CWE-1342",
"description": "Information exposure through microarchitectural state after transient execution from some register files",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T22:08:21.946Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00898.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZON4TLXG7TG4A2XZG563JMVTGQW4SF3A/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H63LGAQXPEVJOES73U4XK65I6DASOAAG/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EIUICU6CVJUIB6BPJ7P5QTPQR5VOBHFK/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/03/12/13"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2023-28746",
"datePublished": "2024-03-14T16:45:50.370Z",
"dateReserved": "2023-05-05T03:00:03.623Z",
"dateUpdated": "2026-05-12T10:52:19.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4692 (GCVE-0-2023-4692)
Vulnerability from cvelistv5 – Published: 2023-10-25 10:27 – Updated: 2025-11-07 00:30
VLAI
EPSS
Title
Grub2: out-of-bounds write at fs/ntfs.c may lead to unsigned code execution
Summary
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
13 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:2456 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:3184 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2023-4692 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2236613 | issue-trackingx_refsource_REDHAT |
| https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023… | |
| https://lists.gnu.org/archive/html/grub-devel/202… | |
| https://seclists.org/oss-sec/2023/q4/37 | |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://security.gentoo.org/glsa/202311-14 | x_transferred |
| https://security.netapp.com/advisory/ntap-2023120… | x_transferred |
| https://lists.debian.org/debian-lts-announce/2023… |
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Unaffected:
2.12 , < *
(custom)
|
|||
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
1:2.02-156.el8 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:8::baseos |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
1:2.06-77.el9 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:9::baseos |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
Date Public
2023-10-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:25:43.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2024:2456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2456"
},
{
"name": "RHSA-2024:3184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3184"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4692"
},
{
"name": "RHBZ#2236613",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236613"
},
{
"tags": [
"x_transferred"
],
"url": "https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUU42E7CPYLATXOYVYNW6YTXXULAOV6L/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRJ5UZRXX2KLR4IKBJEQUNGOCXMMDLY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PERFILCHFEUGG3OAMC6W55P6DDIBZK4Q/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/oss-sec/2023/q4/37"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-14"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0002/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00007.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-4692",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-15T14:23:06.893381Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T17:19:59.141Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://git.savannah.gnu.org/git/grub.git/",
"packageName": "grub",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "2.12",
"versionType": "custom"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos"
],
"defaultStatus": "affected",
"packageName": "grub2",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.02-156.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "grub2",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.06-77.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "grub2",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"datePublic": "2023-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write flaw was found in grub2\u0027s NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub\u0027s heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-07T00:30:50.177Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:2456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2456"
},
{
"name": "RHSA-2024:3184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3184"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4692"
},
{
"name": "RHBZ#2236613",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2236613"
},
{
"url": "https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/"
},
{
"url": "https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html"
},
{
"url": "https://seclists.org/oss-sec/2023/q4/37"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-08-31T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-03T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Grub2: out-of-bounds write at fs/ntfs.c may lead to unsigned code execution",
"x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4692",
"datePublished": "2023-10-25T10:27:29.173Z",
"dateReserved": "2023-08-31T21:53:09.692Z",
"dateUpdated": "2025-11-07T00:30:50.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-4693 (GCVE-0-2023-4693)
Vulnerability from cvelistv5 – Published: 2023-10-25 10:27 – Updated: 2025-11-07 00:31
VLAI
EPSS
Title
Grub2: out-of-bounds read at fs/ntfs.c
Summary
An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.
Severity
5.3 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
13 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:2456 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:3184 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2023-4693 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2238343 | issue-trackingx_refsource_REDHAT |
| https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023… | |
| https://lists.gnu.org/archive/html/grub-devel/202… | |
| https://seclists.org/oss-sec/2023/q4/37 | |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://security.gentoo.org/glsa/202311-14 | x_transferred |
| https://security.netapp.com/advisory/ntap-2023120… | x_transferred |
| https://lists.debian.org/debian-lts-announce/2023… |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
1:2.02-156.el8 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:8::baseos |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
1:2.06-77.el9 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:9::baseos |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
Date Public
2023-10-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T19:25:44.865Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2024:2456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2456"
},
{
"name": "RHSA-2024:3184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3184"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4693"
},
{
"name": "RHBZ#2238343",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238343"
},
{
"tags": [
"x_transferred"
],
"url": "https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUU42E7CPYLATXOYVYNW6YTXXULAOV6L/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRJ5UZRXX2KLR4IKBJEQUNGOCXMMDLY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PERFILCHFEUGG3OAMC6W55P6DDIBZK4Q/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://seclists.org/oss-sec/2023/q4/37"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-14"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231208-0002/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00007.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos"
],
"defaultStatus": "affected",
"packageName": "grub2",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.02-156.el8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"packageName": "grub2",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "1:2.06-77.el9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "grub2",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"datePublic": "2023-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read flaw was found on grub2\u0027s NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-07T00:31:03.030Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:2456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2456"
},
{
"name": "RHSA-2024:3184",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3184"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4693"
},
{
"name": "RHBZ#2238343",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238343"
},
{
"url": "https://dfir.ru/2023/10/03/cve-2023-4692-cve-2023-4693-vulnerabilities-in-the-grub-boot-manager/"
},
{
"url": "https://lists.gnu.org/archive/html/grub-devel/2023-10/msg00028.html"
},
{
"url": "https://seclists.org/oss-sec/2023/q4/37"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-09-11T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-03T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Grub2: out-of-bounds read at fs/ntfs.c",
"x_redhatCweChain": "CWE-125: Out-of-bounds Read"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-4693",
"datePublished": "2023-10-25T10:27:29.100Z",
"dateReserved": "2023-08-31T21:53:46.147Z",
"dateUpdated": "2025-11-07T00:31:03.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…