CVE-2022-48967

HIGH Year: 2022
CVSS v3 Score
7.1
High
Weakness Type
CWE-129
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfc_target arrays While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported: memcpy: detected field-spanning write (size 129) of single field "target->sensf_res" at net/nfc/nci/ntf.c:260 (size 18) This appears to be a legitimate lack of bounds checking in nci_add_new_protocol(). Add the missing checks.

Related Vulnerabilities

CVE-2017-16899

HIGH
CVSS:7.1(High)

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to ...

CWE-1292017

CVE-2017-18309

HIGH
CVSS:7.1(High)

A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850.

CWE-1292017

CVE-2021-47449

HIGH
CVSS:7.1(High)

In the Linux kernel, the following vulnerability has been resolved: ice: fix locking for Tx timestamp tracking flush Commit 4dd0d5c33c3e ("ice: add lock around Tx timestamp tracker flush") added a loc...

CWE-1292021

CVE-2023-27349

HIGH
CVSS:7.1(High)

BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affect...

CWE-1292023

CVE-2023-52640

HIGH
CVSS:7.1(High)

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfs_listxattr The length of name cannot exceed the space occupied by ea.

CWE-1292023

CVE-2024-38542

HIGH
CVSS:7.1(High)

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana_ib: boundary check before installing cq callbacks Add a boundary check inside mana_ib_install_cq_cb to prevent index overf...

CWE-1292024