{ "id": "CVE-2022-49727", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-02-26T07:01:48.347", "lastModified": "2025-03-07T20:44:17.993", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix signed integer overflow in l2tp_ip6_sendmsg\n\nWhen len >= INT_MAX - transhdrlen, ulen = len + transhdrlen will be\noverflow. To fix, we can follow what udpv6 does and subtract the\ntranshdrlen from the max." }, { "lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ipv6: Se solucion\u00f3 el desbordamiento de entero con signo en l2tp_ip6_sendmsg Cuando len >= INT_MAX - transhdrlen, ulen = len + transhdrlen se desbordar\u00e1. Para solucionarlo, podemos seguir lo que hace udpv6 y restar transhdrlen del m\u00e1ximo." } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.8, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-190" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.9.320", "matchCriteriaId": "CF939175-79DE-4866-B38C-4C8F9896B785" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.10", "versionEndExcluding": "4.14.285", "matchCriteriaId": "6D4E7BA7-6B66-4B9A-991A-AD516DADF77D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.15", "versionEndExcluding": "4.19.249", "matchCriteriaId": "8A08E48B-CA77-4A21-9558-17D61C146BE9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.20", "versionEndExcluding": "5.4.200", "matchCriteriaId": "80B2AE57-4A7E-40BB-8C83-33D4436CE199" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5", "versionEndExcluding": "5.10.124", "matchCriteriaId": "6442F2CD-FF1C-4574-9948-138835E635D7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.11", "versionEndExcluding": "5.15.49", "matchCriteriaId": "697D250E-E0A4-41BE-BB54-96385E129206" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.16", "versionEndExcluding": "5.18.6", "matchCriteriaId": "CDD33A19-B51E-4090-A47B-073098916815" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*", "matchCriteriaId": "A8C30C2D-F82D-4D37-AB48-D76ABFBD5377" } ] } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/034246122f5c5e2e2a0b9fe04e24517920e9beb1", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/0e818d433fc2718fe4da044ffca7431812a7e04e", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/27a37755ceb401111ded76810359d3adc4b268a1", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/2cf73c7cb6125083408d77f43d0e84d86aed0000", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/2f42389d270f2304c8855b0b63498a5a4d0c053d", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/6c4e3486d21173d60925ef52e512cae727b43d30", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/b8879ca1fd7348b4d5db7db86dcb97f60c73d751", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] }, { "url": "https://git.kernel.org/stable/c/f638a84afef3dfe10554c51820c16e39a278c915", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": [ "Patch" ] } ] }