CVE-2022-49048

Published Feb 26, 2025

Last updated 6 months ago

CVSS medium 5.5

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: ipv6: fix panic when forwarding a pkt with no in6 dev kongweibin reported a kernel panic in ip6_forward() when input interface has no in6 dev associated. The following tc commands were used to reproduce this panic: tc qdisc del dev vxlan100 root tc qdisc add dev vxlan100 root netem corrupt 5%
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Analyzed
Products: linux_kernel

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "C719E214-F9CC-432A-B21F-195A11A1FF21",
            "versionEndExcluding": "4.19.239",
            "versionStartIncluding": "4.19.199",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "160B967F-4A86-4141-854B-3753480ACABA",
            "versionEndExcluding": "5.4.190",
            "versionStartIncluding": "5.4.136",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "D5AB9C21-EBCA-4C55-808B-768BD8EB0E7B",
            "versionEndExcluding": "5.10.112",
            "versionStartIncluding": "5.10.54",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "3FCF5994-AD9A-4278-8BF1-BC9274834795",
            "versionEndExcluding": "5.14",
            "versionStartIncluding": "5.13.6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "41995907-877B-4363-9117-CC1F19F3715A",
            "versionEndExcluding": "5.15.35",
            "versionStartIncluding": "5.14.1",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "E22C86CB-06CD-4D16-AB2A-F21EE8199262",
            "versionEndExcluding": "5.17.4",
            "versionStartIncluding": "5.16",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:-:*:*:*:*:*:*",
            "matchCriteriaId": "6A05198E-F8FA-4517-8D0E-8C95066AED38",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc2:*:*:*:*:*:*",
            "matchCriteriaId": "23B9E5C6-FAB5-4A02-9E39-27C8787B0991",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc3:*:*:*:*:*:*",
            "matchCriteriaId": "D185CF67-7E4A-4154-93DB-CE379C67DB56",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc4:*:*:*:*:*:*",
            "matchCriteriaId": "D1DA0AF6-02F4-47C7-A318-8C006ED0C665",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc5:*:*:*:*:*:*",
            "matchCriteriaId": "49DD30B1-8C99-4C38-A66B-CAB3827BEE8A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc6:*:*:*:*:*:*",
            "matchCriteriaId": "15013998-4AF0-4CDC-AB13-829ECD8A8E66",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.14:rc7:*:*:*:*:*:*",
            "matchCriteriaId": "376A25CF-C05B-48F1-99B1-8FB0314A8E06",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*",
            "matchCriteriaId": "6AD94161-84BB-42E6-9882-4FC0C42E9FC1",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*",
            "matchCriteriaId": "7AB06DDF-3C2B-416D-B448-E990D8FF67A9",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References