fkie_cve-2022-48841
Vulnerability from fkie_nvd
Published
2024-07-16 13:15
Modified
2024-11-21 07:34
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats()
It is possible to do NULL pointer dereference in routine that updates
Tx ring stats. Currently only stats and bytes are updated when ring
pointer is valid, but later on ring is accessed to propagate gathered Tx
stats onto VSI stats.
Change the existing logic to move to next ring when ring is NULL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 | |
| linux | linux_kernel | 5.17 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "173AD596-53A7-4863-BF97-0E7B94AFDB85", versionEndExcluding: "5.16.17", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*", matchCriteriaId: "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*", matchCriteriaId: "E6E34B23-78B4-4516-9BD8-61B33F4AC49A", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*", matchCriteriaId: "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*", matchCriteriaId: "B2D2677C-5389-4AE9-869D-0F881E80D923", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*", matchCriteriaId: "EFA3917C-C322-4D92-912D-ECE45B2E7416", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*", matchCriteriaId: "BED18363-5ABC-4639-8BBA-68E771E5BB3F", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.17:rc7:*:*:*:*:*:*", matchCriteriaId: "7F635F96-FA0A-4769-ADE8-232B3AC9116D", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.17:rc8:*:*:*:*:*:*", matchCriteriaId: "FD39FE73-2A9D-4C92-AE7A-CA22F84B228D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats()\n\nIt is possible to do NULL pointer dereference in routine that updates\nTx ring stats. Currently only stats and bytes are updated when ring\npointer is valid, but later on ring is accessed to propagate gathered Tx\nstats onto VSI stats.\n\nChange the existing logic to move to next ring when ring is NULL.", }, { lang: "es", value: "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ice: corrige la desreferencia del puntero NULL en ice_update_vsi_tx_ring_stats() Es posible realizar la desreferencia del puntero NULL en la rutina que actualiza las estadísticas del anillo Tx. Actualmente, solo se actualizan las estadísticas y los bytes cuando el puntero del anillo es válido, pero más adelante se accede al anillo para propagar las estadísticas de Tx recopiladas en las estadísticas de VSI. Cambie la lógica existente para pasar al siguiente anillo cuando el anillo sea NULL.", }, ], id: "CVE-2022-48841", lastModified: "2024-11-21T07:34:11.440", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-07-16T13:15:11.513", references: [ { source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", tags: [ "Mailing List", "Patch", ], url: "https://git.kernel.org/stable/c/2397270ec97c5e3009a58ac110a25e1869e9d6ff", }, { source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", tags: [ "Mailing List", "Patch", ], url: "https://git.kernel.org/stable/c/f153546913bada41a811722f2c6d17c3243a0333", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", ], url: "https://git.kernel.org/stable/c/2397270ec97c5e3009a58ac110a25e1869e9d6ff", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", ], url: "https://git.kernel.org/stable/c/f153546913bada41a811722f2c6d17c3243a0333", }, ], sourceIdentifier: "416baaa9-dc9f-4396-8d5f-8c081fb06d67", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.