Google Git
Sign in
kernel / pub / scm / linux / security / vulns / refs/heads/sasha-vulnerable / . / cve / published / 2022 / CVE-2022-48949.json
blob: 51808a45429d1c9c7a7516bd045fe322c26a6930 [file] [log] [blame]
{
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
},
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Initialize mailbox message for VF reset\n\nWhen a MAC address is not assigned to the VF, that portion of the message\nsent to the VF is not set. The memory, however, is allocated from the\nstack meaning that information may be leaked to the VM. Initialize the\nmessage buffer to 0 so that no information is passed to the VM in this\ncase."
}
],
"affected": [
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/intel/igb/igb_main.c"
],
"versions": [
{
"version": "6ddbc4cf1f4d5a3a58b4223c80881f299dae3774",
"lessThan": "a6629659af3f5c6a91e3914ea62554c975ab77f4",
"status": "affected",
"versionType": "git"
},
{
"version": "6ddbc4cf1f4d5a3a58b4223c80881f299dae3774",
"lessThan": "ef1d739dd1f362aec081278ff92f943c31eb177a",
"status": "affected",
"versionType": "git"
},
{
"version": "6ddbc4cf1f4d5a3a58b4223c80881f299dae3774",
"lessThan": "c581439a977545d61849a72e8ed631cfc8a2a3c1",
"status": "affected",
"versionType": "git"
},
{
"version": "6ddbc4cf1f4d5a3a58b4223c80881f299dae3774",
"lessThan": "f2479c3daaabccbac6c343a737615d0c595c6dc4",
"status": "affected",
"versionType": "git"
},
{
"version": "6ddbc4cf1f4d5a3a58b4223c80881f299dae3774",
"lessThan": "367e1e3399dbc56fc669740c4ab60e35da632b0e",
"status": "affected",
"versionType": "git"
},
{
"version": "6ddbc4cf1f4d5a3a58b4223c80881f299dae3774",
"lessThan": "51fd5ede7ed42f272682a0c33d6f0767b3484a3d",
"status": "affected",
"versionType": "git"
},
{
"version": "6ddbc4cf1f4d5a3a58b4223c80881f299dae3774",
"lessThan": "c383c7c35c7bc15e07a04eefa060a8a80cbeae29",
"status": "affected",
"versionType": "git"
},
{
"version": "6ddbc4cf1f4d5a3a58b4223c80881f299dae3774",
"lessThan": "de5dc44370fbd6b46bd7f1a1e00369be54a041c8",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/intel/igb/igb_main.c"
],
"versions": [
{
"version": "4.0",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.0",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.14.303",
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.270",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.229",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.161",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.85",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.0.15",
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.1",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.2",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "4.14.303"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "4.19.270"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "5.4.229"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "5.10.161"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "5.15.85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "6.0.15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "6.1.1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndExcluding": "6.2"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/a6629659af3f5c6a91e3914ea62554c975ab77f4"
},
{
"url": "https://git.kernel.org/stable/c/ef1d739dd1f362aec081278ff92f943c31eb177a"
},
{
"url": "https://git.kernel.org/stable/c/c581439a977545d61849a72e8ed631cfc8a2a3c1"
},
{
"url": "https://git.kernel.org/stable/c/f2479c3daaabccbac6c343a737615d0c595c6dc4"
},
{
"url": "https://git.kernel.org/stable/c/367e1e3399dbc56fc669740c4ab60e35da632b0e"
},
{
"url": "https://git.kernel.org/stable/c/51fd5ede7ed42f272682a0c33d6f0767b3484a3d"
},
{
"url": "https://git.kernel.org/stable/c/c383c7c35c7bc15e07a04eefa060a8a80cbeae29"
},
{
"url": "https://git.kernel.org/stable/c/de5dc44370fbd6b46bd7f1a1e00369be54a041c8"
}
],
"title": "igb: Initialize mailbox message for VF reset",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
"cveID": "CVE-2022-48949",
"requesterUserId": "gregkh@kernel.org",
"serial": "1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}