PT-2025-13290 · Linux+4 · Linux Kernel+4

Publicado

2023-11-07

Atualizado

2025-05-29

CVE-2022-49748

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A potential integer overflow issue has been identified in the Linux kernel, specifically in the perf/x86/amd component. The issue arises when a 32-bit integer constant 1 is left-shifted using 32-bit arithmetic and then passed as a 64-bit function argument. This can lead to an overflow when the shift amount is 32 or more. The problem is resolved by using the BIT ULL macro for shifting instead.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

BDU:2025-06287

CVE-2022-49748

OPENSUSE-SU-2025_1195-1

RHSA-2023:6583

RHSA-2023_6583

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1195-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1195-1

SUSE-SU-2025_1241-1

Produtos afetados

Astra Linux

Linux Kernel

Red Hat

Red Os

Suse

PT-2025-13290 · Linux+4 · Linux Kernel+4

CVE-2022-49748

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 1335