PT-2024-11791 · Linux+7 · Linux Kernel+7

Shyam Sundar S K

+1

·

Published

2022-01-27

·

Updated

2025-09-29

·

CVE-2022-48743

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a bug in the Linux kernel's amd-xgbe component, which can cause a kernel panic due to inconsistencies in hardware descriptors. When the skb length underflow is detected, it triggers a BUG ON() in include/linux/skbuff.h, leading to intermittent kernel panic. The fix involves dropping the packet if such length underflows are seen. This issue may allow an attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-124

Related Identifiers

ALSA-2024:4928
ALSA-2024:5101
ALSA-2024:5102
ALSA-2025_16880
BDU:2025-04446
CESA-2024_5101
CESA-2024_5102
CVE-2022-48743
INFSA-2024_4928
INFSA-2024_5101
INFSA-2024_5102
OESA-2024-1835
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
RHSA-2024:4823
RHSA-2024:4831
RHSA-2024:4902
RHSA-2024:4928
RHSA-2024:5101
RHSA-2024:5102
RHSA-2024:6206
RHSA-2024_4928
RHSA-2024_5101
RHSA-2024_5102
RLSA-2024:4928
RLSA-2024:5101
RLSA-2024:5102
RXSA-2024:4928
RXSA-2024:5101
SUSE-SU-2024:2360-1
SUSE-SU-2024:2372-1
SUSE-SU-2024:2381-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2561-1
SUSE-SU-2024:2902-1
SUSE-SU-2024:2929-1
SUSE-SU-2024:2939-1

Affected Products

Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse