Linux · Linux Kernel · CVE-2022-48980
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The issue is related to an out-of-bounds access in the `sja1105 init l2 policing()` function. This function initializes L2 policers to prevent interference with normal packet reception. The problem arises when calculating the index of the multicast policer for the port, which is out of bounds for SJA1105 but in bounds for SJA1110. The code fails to properly handle this situation, leading to an out-of-bounds write that could potentially overwrite valid kernel data. The issue was detected using KASAN.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.