CVE-2022-48837
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Jul 16, 2024
Updated: Jul 18, 2024
CWE ID 190
Summary
CVE-2022-48837 is a newly identified vulnerability in the Linux kernel's RNDIS (Remote NDIS) gadget subsystem. This issue involves an integer overflow risk in the function "rndis_set_response()." When handling large values of "BufOffset," the calculation "BufOffset + 8" may result in an integer overflow, potentially leading to unintended memory access or buffer overflow. The Linux community has released a patch to address this vulnerability.
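The wraparound described in the summary, as an added C example that is not the kernel's code or its patch. The function names, the MAX_TOTAL_SIZE value and the sample offsets are constructed for illustration. It compares a check that bounds only "BufOffset + 8" with one that bounds BufOffset before the addition.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed limit for this illustration; the page does not give the kernel's value. */
#define MAX_TOTAL_SIZE 1024u

/* Weak form: only the sum is bounded. In 32-bit unsigned arithmetic a huge
 * offset wraps to a small number and passes. Returns 0 = accepted, -1 = rejected. */
int check_sum_only(uint32_t buf_offset, uint32_t buf_length)
{
    if (buf_length > MAX_TOTAL_SIZE || buf_offset + 8u >= MAX_TOTAL_SIZE)
        return -1;
    return 0;
}

/* Hardened form: bound the operand itself before it takes part in the
 * addition, so the sum can no longer wrap. */
int check_operand_first(uint32_t buf_offset, uint32_t buf_length)
{
    if (buf_length > MAX_TOTAL_SIZE ||
        buf_offset > MAX_TOTAL_SIZE ||
        buf_offset + 8u >= MAX_TOTAL_SIZE)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample offsets: one ordinary, two near UINT32_MAX. */
    const uint32_t samples[] = { 16u, 0xFFFFFFF8u, 0xFFFFFFFFu };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint32_t off = samples[i];
        printf("BufOffset=0x%08x  BufOffset+8=0x%08x  sum-only=%d  operand-first=%d\n",
               (unsigned)off, (unsigned)(off + 8u),
               check_sum_only(off, 4u), check_operand_first(off, 4u));
    }
    return 0;
}
```

An offset that the sum-only check accepts while its value is far above the limit is the signal to look for when auditing similar length-and-offset validation.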
Affected Products
- Linux Kernel
Affected Vendors
- LINUX