exploitDog

CVE-2022-48627

Опубликовано: 02 мар. 2024

Источник: nvd

CVSS3: 5.5

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

vt: fix memory overlapping when deleting chars in the buffer

A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to memcpy because memcpy does not ensure its behavior if the destination buffer overlaps with the source buffer. The line buffer is not always broken, because the memcpy utilizes the hardware acceleration, whose result is not deterministic.

Fix this problem by using replacing the scr_memcpyw with scr_memmovew.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 3.7 (включая) до 4.19.312 (включая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.20 (включая) до 5.4.274 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.5 (включая) до 5.10.132 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.11 (включая) до 5.15.56 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 5.18.13 (исключая)

cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.19:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.19:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:5.19:rc6:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 0%

0.00007

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-787

Связанные уязвимости

CVE-2022-48627

CVSS3: 5.5

ubuntu

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to memcpy because memcpy does not ensure its behavior if the destination buffer overlaps with the source buffer. The line buffer is not always broken, because the memcpy utilizes the hardware acceleration, whose result is not deterministic. Fix this problem by using replacing the scr_memcpyw with scr_memmovew.

CVE-2022-48627

CVSS3: 4.4

redhat

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to memcpy because memcpy does not ensure its behavior if the destination buffer overlaps with the source buffer. The line buffer is not always broken, because the memcpy utilizes the hardware acceleration, whose result is not deterministic. Fix this problem by using replacing the scr_memcpyw with scr_memmovew.

CVE-2022-48627

CVSS3: 5.5

debian

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: v ...

GHSA-73f5-wqmw-37vp

CVSS3: 5.5

github

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scr_memcpyw is optimized to memcpy because memcpy does not ensure its behavior if the destination buffer overlaps with the source buffer. The line buffer is not always broken, because the memcpy utilizes the hardware acceleration, whose result is not deterministic. Fix this problem by using replacing the scr_memcpyw with scr_memmovew.

BDU:2024-07839

CVSS3: 4.4

fstec

почти 3 года назад

Уязвимость компонента vt ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 0%

0.00007

Низкий

5.5 Medium

CVSS3

Дефекты

CWE-787