CVE-2022-48743: net: amd-xgbe: Fix skb data length underflow
In the Linux kernel, the following vulnerability has been resolved:
net: amd-xgbe: Fix skb data length underflow
The Linux kernel CVE team has assigned CVE-2022-48743 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024062003-CVE-2022-48743-ee30@gregkh/T
Other sources
In the Linux kernel, the following vulnerability has been resolved:
net: amd-xgbe: Fix skb data length underflow
There will be BUGON() triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected.
Fix this by dropping the packet if such length underflows are seen because of inconsistencies in the hardware descriptors.
— NVD
Linux Kernel is vulnerable to a denial of service, caused by a skb data length underflow. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
— IBM
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2022-48743?
CVE-2022-48743 has a high severity rating due to its potential impact on the Linux kernel's networking stack.
How do I fix CVE-2022-48743?
To fix CVE-2022-48743, update your kernel to versions 4.9.300, 4.14.265, 4.19.228, 5.4.177, 5.10.97, 5.15.20, 5.16.6, or 5.17.
What systems are affected by CVE-2022-48743?
CVE-2022-48743 affects multiple versions of the Linux kernel ranging from 4.9.x to 5.17.
What type of vulnerability is CVE-2022-48743?
CVE-2022-48743 is a data length underflow vulnerability in the Linux kernel's networking component.
Was CVE-2022-48743 actively exploited in the wild?
As of the latest information, there are no reports indicating that CVE-2022-48743 has been actively exploited in the wild.