How severe is CVE-2022-48696?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2022-48696?

This is classified as CWE-120, which is a common weakness in software security.

CVE-2022-48696

MEDIUM Year: 2022

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-120

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: regmap: spi: Reserve space for register address/padding Currently the max_raw_read and max_raw_write limits in regmap_spi struct do not take into account the additional size of the transmitted register address and padding. This may result in exceeding the maximum permitted SPI message size, which could cause undefined behaviour, e.g. data corruption. Fix regmap_get_spi_bus() to properly adjust the above mentioned limits by reserving space for the register address/padding as set in the regmap configuration.

CVE-2008-3275

MEDIUM

CVSS:5.5(Medium)

The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) di...

CWE-1202008

CVE-2011-3353

MEDIUM

CVSS:5.5(Medium)

Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows local users to cause a denial of service (BUG_ON and system crash) by leveraging the abil...

CWE-1202011

CVE-2015-20109

MEDIUM

CVSS:5.5(Medium)

end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrat...

CWE-1202015

CVE-2015-7890

MEDIUM

CVSS:5.5(Medium)

Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via ...

CWE-1202015

CVE-2016-10066

MEDIUM

CVSS:5.5(Medium)

Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.

CWE-1202016

CVE-2019-10882

MEDIUM

CVSS:5.5(Medium)

The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this ser...

CWE-1202019

CVE-2022-48696

Vulnerability Description

Related Vulnerabilities

CVE-2008-3275

CVE-2011-3353

CVE-2015-20109

CVE-2015-7890

CVE-2016-10066

CVE-2019-10882