CVE-2022-49030

HIGH Year: 2022
CVSS v3 Score
7.8
High
Weakness Type
CWE-190
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: libbpf: Handle size overflow for ringbuf mmap The maximum size of ringbuf is 2GB on x86-64 host, so 2 * max_entries will overflow u32 when mapping producer page and data pages. Only casting max_entries to size_t is not enough, because for 32-bits application on 64-bits kernel the size of read-only mmap region also could overflow size_t. So fixing it by casting the size of read-only mmap region into a __u64 and checking whether or not there will be overflow during mmap.

Related Vulnerabilities

CVE-2002-2439

HIGH
CVSS:7.8(High)

Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.

CWE-1902002

CVE-2004-2013

HIGH
CVSS:7.8(High)

Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which caus...

CWE-1902004

CVE-2011-1823

HIGH
CVSS:7.8(High)

The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileg...

CWE-1902011

CVE-2012-0044

HIGH
CVSS:7.8(High)

Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privil...

CWE-1902012

CVE-2012-1185

HIGH
CVSS:7.8(High)

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execut...

CWE-1902012

CVE-2012-5340

HIGH
CVSS:7.8(High)

SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.

CWE-1902012