CVE-2022-48841

{"id": "CVE-2022-48841", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-07-16T13:15:11.513", "references": [{"url": "https://git.kernel.org/stable/c/2397270ec97c5e3009a58ac110a25e1869e9d6ff", "tags": ["Mailing List", "Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f153546913bada41a811722f2c6d17c3243a0333", "tags": ["Mailing List", "Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/2397270ec97c5e3009a58ac110a25e1869e9d6ff", "tags": ["Mailing List", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/f153546913bada41a811722f2c6d17c3243a0333", "tags": ["Mailing List", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats()\n\nIt is possible to do NULL pointer dereference in routine that updates\nTx ring stats. Currently only stats and bytes are updated when ring\npointer is valid, but later on ring is accessed to propagate gathered Tx\nstats onto VSI stats.\n\nChange the existing logic to move to next ring when ring is NULL."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ice: corrige la desreferencia del puntero NULL en ice_update_vsi_tx_ring_stats() Es posible realizar la desreferencia del puntero NULL en la rutina que actualiza las estad\u00edsticas del anillo Tx. Actualmente, solo se actualizan las estad\u00edsticas y los bytes cuando el puntero del anillo es v\u00e1lido, pero m\u00e1s adelante se accede al anillo para propagar las estad\u00edsticas de Tx recopiladas en las estad\u00edsticas de VSI. Cambie la l\u00f3gica existente para pasar al siguiente anillo cuando el anillo sea NULL."}], "lastModified": "2024-11-21T07:34:11.440", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "173AD596-53A7-4863-BF97-0E7B94AFDB85", "versionEndExcluding": "5.16.17"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F635F96-FA0A-4769-ADE8-232B3AC9116D"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD39FE73-2A9D-4C92-AE7A-CA22F84B228D"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}