CVE-2022-49289

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to an integer overflow in the access ok() function, which is used to check user access. Specifically, three architectures do not account for a possible overflow when checking the end of a user access against the address limit. This can lead to incorrect results when passing a negative length or another overflow. The problem arises from the lack of proper overflow handling, which can cause the function to return success when it should not.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.