CVE-2022-49374 (GCVE-0-2022-49374)
Vulnerability from cvelistv5
Published
2025-02-26 02:11
Modified
2025-10-01 19:46
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
tipc: check attribute length for bearer name
syzbot reported uninit-value:
=====================================================
BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:644 [inline]
BUG: KMSAN: uninit-value in string+0x4f9/0x6f0 lib/vsprintf.c:725
string_nocheck lib/vsprintf.c:644 [inline]
string+0x4f9/0x6f0 lib/vsprintf.c:725
vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806
vprintk_store+0x537/0x2150 kernel/printk/printk.c:2158
vprintk_emit+0x28b/0xab0 kernel/printk/printk.c:2256
vprintk_default+0x86/0xa0 kernel/printk/printk.c:2283
vprintk+0x15f/0x180 kernel/printk/printk_safe.c:50
_printk+0x18d/0x1cf kernel/printk/printk.c:2293
tipc_enable_bearer net/tipc/bearer.c:371 [inline]
__tipc_nl_bearer_enable+0x2022/0x22a0 net/tipc/bearer.c:1033
tipc_nl_bearer_enable+0x6c/0xb0 net/tipc/bearer.c:1042
genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]
- Do sanity check the attribute length for TIPC_NLA_BEARER_NAME.
- Do not use 'illegal name' in printing message.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Linux | Linux |
Version: cb30a63384bc91d5da06e1cede1115f666a29271 Version: cb30a63384bc91d5da06e1cede1115f666a29271 Version: cb30a63384bc91d5da06e1cede1115f666a29271 Version: cb30a63384bc91d5da06e1cede1115f666a29271 Version: cb30a63384bc91d5da06e1cede1115f666a29271 Version: cb30a63384bc91d5da06e1cede1115f666a29271 Version: cb30a63384bc91d5da06e1cede1115f666a29271 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-49374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-01T19:42:07.000378Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908 Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-01T19:46:52.564Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/tipc/bearer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f07670871f4d19e613740eebe210e7e9ea535973",
"status": "affected",
"version": "cb30a63384bc91d5da06e1cede1115f666a29271",
"versionType": "git"
},
{
"lessThan": "8b91d0dfc839e67708c905648cd0e7507a2263e5",
"status": "affected",
"version": "cb30a63384bc91d5da06e1cede1115f666a29271",
"versionType": "git"
},
{
"lessThan": "b8fac8e321044a9ac50f7185b4e9d91a7745e4b0",
"status": "affected",
"version": "cb30a63384bc91d5da06e1cede1115f666a29271",
"versionType": "git"
},
{
"lessThan": "92a930fcf4250fe961f6238b99af0bc405799f39",
"status": "affected",
"version": "cb30a63384bc91d5da06e1cede1115f666a29271",
"versionType": "git"
},
{
"lessThan": "292be63c382ce20673ee61dff1ee9ed4a3dcaae7",
"status": "affected",
"version": "cb30a63384bc91d5da06e1cede1115f666a29271",
"versionType": "git"
},
{
"lessThan": "3af15272cde28fe5c8489174b8624e232c1775ec",
"status": "affected",
"version": "cb30a63384bc91d5da06e1cede1115f666a29271",
"versionType": "git"
},
{
"lessThan": "7f36f798f89bf32c0164049cb0e3fd1af613d0bb",
"status": "affected",
"version": "cb30a63384bc91d5da06e1cede1115f666a29271",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/tipc/bearer.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.17"
},
{
"lessThan": "4.17",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.247",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.198",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.122",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.47",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.17.*",
"status": "unaffected",
"version": "5.17.15",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.18.*",
"status": "unaffected",
"version": "5.18.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.19",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.247",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.198",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.122",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.47",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.17.15",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.18.4",
"versionStartIncluding": "4.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.19",
"versionStartIncluding": "4.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: check attribute length for bearer name\n\nsyzbot reported uninit-value:\n=====================================================\nBUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:644 [inline]\nBUG: KMSAN: uninit-value in string+0x4f9/0x6f0 lib/vsprintf.c:725\n string_nocheck lib/vsprintf.c:644 [inline]\n string+0x4f9/0x6f0 lib/vsprintf.c:725\n vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806\n vprintk_store+0x537/0x2150 kernel/printk/printk.c:2158\n vprintk_emit+0x28b/0xab0 kernel/printk/printk.c:2256\n vprintk_default+0x86/0xa0 kernel/printk/printk.c:2283\n vprintk+0x15f/0x180 kernel/printk/printk_safe.c:50\n _printk+0x18d/0x1cf kernel/printk/printk.c:2293\n tipc_enable_bearer net/tipc/bearer.c:371 [inline]\n __tipc_nl_bearer_enable+0x2022/0x22a0 net/tipc/bearer.c:1033\n tipc_nl_bearer_enable+0x6c/0xb0 net/tipc/bearer.c:1042\n genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]\n\n- Do sanity check the attribute length for TIPC_NLA_BEARER_NAME.\n- Do not use \u0027illegal name\u0027 in printing message."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T08:36:19.539Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/f07670871f4d19e613740eebe210e7e9ea535973"
},
{
"url": "https://git.kernel.org/stable/c/8b91d0dfc839e67708c905648cd0e7507a2263e5"
},
{
"url": "https://git.kernel.org/stable/c/b8fac8e321044a9ac50f7185b4e9d91a7745e4b0"
},
{
"url": "https://git.kernel.org/stable/c/92a930fcf4250fe961f6238b99af0bc405799f39"
},
{
"url": "https://git.kernel.org/stable/c/292be63c382ce20673ee61dff1ee9ed4a3dcaae7"
},
{
"url": "https://git.kernel.org/stable/c/3af15272cde28fe5c8489174b8624e232c1775ec"
},
{
"url": "https://git.kernel.org/stable/c/7f36f798f89bf32c0164049cb0e3fd1af613d0bb"
}
],
"title": "tipc: check attribute length for bearer name",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-49374",
"datePublished": "2025-02-26T02:11:15.127Z",
"dateReserved": "2025-02-26T02:08:31.556Z",
"dateUpdated": "2025-10-01T19:46:52.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-49374\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-02-26T07:01:14.060\",\"lastModified\":\"2025-10-01T20:16:14.503\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ntipc: check attribute length for bearer name\\n\\nsyzbot reported uninit-value:\\n=====================================================\\nBUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:644 [inline]\\nBUG: KMSAN: uninit-value in string+0x4f9/0x6f0 lib/vsprintf.c:725\\n string_nocheck lib/vsprintf.c:644 [inline]\\n string+0x4f9/0x6f0 lib/vsprintf.c:725\\n vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806\\n vprintk_store+0x537/0x2150 kernel/printk/printk.c:2158\\n vprintk_emit+0x28b/0xab0 kernel/printk/printk.c:2256\\n vprintk_default+0x86/0xa0 kernel/printk/printk.c:2283\\n vprintk+0x15f/0x180 kernel/printk/printk_safe.c:50\\n _printk+0x18d/0x1cf kernel/printk/printk.c:2293\\n tipc_enable_bearer net/tipc/bearer.c:371 [inline]\\n __tipc_nl_bearer_enable+0x2022/0x22a0 net/tipc/bearer.c:1033\\n tipc_nl_bearer_enable+0x6c/0xb0 net/tipc/bearer.c:1042\\n genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]\\n\\n- Do sanity check the attribute length for TIPC_NLA_BEARER_NAME.\\n- Do not use \u0027illegal name\u0027 in printing message.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: tipc: comprobar la longitud del atributo para el nombre del portador syzbot inform\u00f3 de un valor no inicializado: ======================================================== ERROR: KMSAN: uninit-value in string+0x4f9/0x6f0 lib/vsprintf.c:725 string_nocheck lib/vsprintf.c:644 [inline] string+0x4f9/0x6f0 lib/vsprintf.c:725 vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806 vprintk_store+0x537/0x2150 kernel/printk/printk.c:2158 vprintk_emit+0x28b/0xab0 kernel/printk/printk.c:2256 vprintk_default+0x86/0xa0 kernel/printk/printk.c:2283 vprintk+0x15f/0x180 kernel/printk/printk_safe.c:50 _printk+0x18d/0x1cf kernel/printk/printk.c:2293 tipc_enable_bearer net/tipc/bearer.c:371 [inline] __tipc_nl_bearer_enable+0x2022/0x22a0 net/tipc/bearer.c:1033 tipc_nl_bearer_enable+0x6c/0xb0 net/tipc/bearer.c:1042 genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline] - Do sanity check the attribute length for TIPC_NLA_BEARER_NAME. - Do not use \u0027illegal name\u0027 in printing message. \"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.17\",\"versionEndExcluding\":\"4.19.247\",\"matchCriteriaId\":\"1D618A3C-AEC5-4520-BBDB-002AC8CA3FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.198\",\"matchCriteriaId\":\"3EC49633-14DE-4EBD-BB80-76AE2E3EABB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.122\",\"matchCriteriaId\":\"1B42AA01-44D8-4572-95E6-FF8E374CF9C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.47\",\"matchCriteriaId\":\"FC042EE3-4864-4325-BE0B-4BCDBF11AA61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"5.17.15\",\"matchCriteriaId\":\"53E7AA2E-2FB4-45CA-A22B-08B4EDBB51AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.18\",\"versionEndExcluding\":\"5.18.4\",\"matchCriteriaId\":\"FA6D643C-6D6A-4821-8A8D-B5776B8F0103\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/292be63c382ce20673ee61dff1ee9ed4a3dcaae7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3af15272cde28fe5c8489174b8624e232c1775ec\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/7f36f798f89bf32c0164049cb0e3fd1af613d0bb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8b91d0dfc839e67708c905648cd0e7507a2263e5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/92a930fcf4250fe961f6238b99af0bc405799f39\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b8fac8e321044a9ac50f7185b4e9d91a7745e4b0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f07670871f4d19e613740eebe210e7e9ea535973\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T08:36:19.539Z\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ntipc: check attribute length for bearer name\\n\\nsyzbot reported uninit-value:\\n=====================================================\\nBUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:644 [inline]\\nBUG: KMSAN: uninit-value in string+0x4f9/0x6f0 lib/vsprintf.c:725\\n string_nocheck lib/vsprintf.c:644 [inline]\\n string+0x4f9/0x6f0 lib/vsprintf.c:725\\n vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806\\n vprintk_store+0x537/0x2150 kernel/printk/printk.c:2158\\n vprintk_emit+0x28b/0xab0 kernel/printk/printk.c:2256\\n vprintk_default+0x86/0xa0 kernel/printk/printk.c:2283\\n vprintk+0x15f/0x180 kernel/printk/printk_safe.c:50\\n _printk+0x18d/0x1cf kernel/printk/printk.c:2293\\n tipc_enable_bearer net/tipc/bearer.c:371 [inline]\\n __tipc_nl_bearer_enable+0x2022/0x22a0 net/tipc/bearer.c:1033\\n tipc_nl_bearer_enable+0x6c/0xb0 net/tipc/bearer.c:1042\\n genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]\\n\\n- Do sanity check the attribute length for TIPC_NLA_BEARER_NAME.\\n- Do not use \u0027illegal name\u0027 in printing message.\"}], \"affected\": [{\"product\": \"Linux\", \"vendor\": \"Linux\", \"defaultStatus\": \"unaffected\", \"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"programFiles\": [\"net/tipc/bearer.c\"], \"versions\": [{\"version\": \"cb30a63384bc91d5da06e1cede1115f666a29271\", \"lessThan\": \"f07670871f4d19e613740eebe210e7e9ea535973\", \"status\": \"affected\", \"versionType\": \"git\"}, {\"version\": \"cb30a63384bc91d5da06e1cede1115f666a29271\", \"lessThan\": \"8b91d0dfc839e67708c905648cd0e7507a2263e5\", \"status\": \"affected\", \"versionType\": \"git\"}, {\"version\": \"cb30a63384bc91d5da06e1cede1115f666a29271\", \"lessThan\": \"b8fac8e321044a9ac50f7185b4e9d91a7745e4b0\", \"status\": \"affected\", \"versionType\": \"git\"}, {\"version\": \"cb30a63384bc91d5da06e1cede1115f666a29271\", \"lessThan\": \"92a930fcf4250fe961f6238b99af0bc405799f39\", \"status\": \"affected\", \"versionType\": \"git\"}, {\"version\": \"cb30a63384bc91d5da06e1cede1115f666a29271\", \"lessThan\": \"292be63c382ce20673ee61dff1ee9ed4a3dcaae7\", \"status\": \"affected\", \"versionType\": \"git\"}, {\"version\": \"cb30a63384bc91d5da06e1cede1115f666a29271\", \"lessThan\": \"3af15272cde28fe5c8489174b8624e232c1775ec\", \"status\": \"affected\", \"versionType\": \"git\"}, {\"version\": \"cb30a63384bc91d5da06e1cede1115f666a29271\", \"lessThan\": \"7f36f798f89bf32c0164049cb0e3fd1af613d0bb\", \"status\": \"affected\", \"versionType\": \"git\"}]}, {\"product\": \"Linux\", \"vendor\": \"Linux\", \"defaultStatus\": \"affected\", \"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"programFiles\": [\"net/tipc/bearer.c\"], \"versions\": [{\"version\": \"4.17\", \"status\": \"affected\"}, {\"version\": \"0\", \"lessThan\": \"4.17\", \"status\": \"unaffected\", \"versionType\": \"semver\"}, {\"version\": \"4.19.247\", \"lessThanOrEqual\": \"4.19.*\", \"status\": \"unaffected\", \"versionType\": \"semver\"}, {\"version\": \"5.4.198\", \"lessThanOrEqual\": \"5.4.*\", \"status\": \"unaffected\", \"versionType\": \"semver\"}, {\"version\": \"5.10.122\", \"lessThanOrEqual\": \"5.10.*\", \"status\": \"unaffected\", \"versionType\": \"semver\"}, {\"version\": \"5.15.47\", \"lessThanOrEqual\": \"5.15.*\", \"status\": \"unaffected\", \"versionType\": \"semver\"}, {\"version\": \"5.17.15\", \"lessThanOrEqual\": \"5.17.*\", \"status\": \"unaffected\", \"versionType\": \"semver\"}, {\"version\": \"5.18.4\", \"lessThanOrEqual\": \"5.18.*\", \"status\": \"unaffected\", \"versionType\": \"semver\"}, {\"version\": \"5.19\", \"lessThanOrEqual\": \"*\", \"status\": \"unaffected\", \"versionType\": \"original_commit_for_fix\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.17\", \"versionEndExcluding\": \"4.19.247\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.17\", \"versionEndExcluding\": \"5.4.198\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.17\", \"versionEndExcluding\": \"5.10.122\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.17\", \"versionEndExcluding\": \"5.15.47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.17\", \"versionEndExcluding\": \"5.17.15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.17\", \"versionEndExcluding\": \"5.18.4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.17\", \"versionEndExcluding\": \"5.19\"}]}]}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/f07670871f4d19e613740eebe210e7e9ea535973\"}, {\"url\": \"https://git.kernel.org/stable/c/8b91d0dfc839e67708c905648cd0e7507a2263e5\"}, {\"url\": \"https://git.kernel.org/stable/c/b8fac8e321044a9ac50f7185b4e9d91a7745e4b0\"}, {\"url\": \"https://git.kernel.org/stable/c/92a930fcf4250fe961f6238b99af0bc405799f39\"}, {\"url\": \"https://git.kernel.org/stable/c/292be63c382ce20673ee61dff1ee9ed4a3dcaae7\"}, {\"url\": \"https://git.kernel.org/stable/c/3af15272cde28fe5c8489174b8624e232c1775ec\"}, {\"url\": \"https://git.kernel.org/stable/c/7f36f798f89bf32c0164049cb0e3fd1af613d0bb\"}], \"title\": \"tipc: check attribute length for bearer name\", \"x_generator\": {\"engine\": \"bippy-1.2.0\"}}, \"adp\": [{\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-49374\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-01T19:42:07.000378Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-908\", \"description\": \"CWE-908 Use of Uninitialized Resource\"}]}], \"providerMetadata\": {\"shortName\": \"CISA-ADP\", \"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"dateUpdated\": \"2025-10-01T16:45:52.062Z\"}, \"title\": \"CISA ADP Vulnrichment\"}]}",
"cveMetadata": "{\"cveId\": \"CVE-2022-49374\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"Linux\", \"dateReserved\": \"2025-02-26T02:08:31.556Z\", \"datePublished\": \"2025-02-26T02:11:15.127Z\", \"dateUpdated\": \"2025-05-04T08:36:19.539Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}