CVE-2022-49563 (GCVE-0-2022-49563)
Vulnerability from cvelistv5
Published
2025-02-26 02:23
Modified
2025-05-21 08:44
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for RSA Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatterlist into a linear buffer.
Impacted products
Vendor Product Version
Linux Linux Version: a990532023b903b10cf14736241cdd138e4bc92c
Version: a990532023b903b10cf14736241cdd138e4bc92c
Version: a990532023b903b10cf14736241cdd138e4bc92c
Create a notification for this product.
   Linux Linux Version: 4.3
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/crypto/qat/qat_common/qat_asym_algs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4d6d2adce08788b7667a6e58002682ea1bbf6a79",
              "status": "affected",
              "version": "a990532023b903b10cf14736241cdd138e4bc92c",
              "versionType": "git"
            },
            {
              "lessThan": "f993321e50ba7a8ba4f5b19939e1772a921a1c42",
              "status": "affected",
              "version": "a990532023b903b10cf14736241cdd138e4bc92c",
              "versionType": "git"
            },
            {
              "lessThan": "9714061423b8b24b8afb31b8eb4df977c63f19c4",
              "status": "affected",
              "version": "a990532023b903b10cf14736241cdd138e4bc92c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/crypto/qat/qat_common/qat_asym_algs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.3"
            },
            {
              "lessThan": "4.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.58",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.18.*",
              "status": "unaffected",
              "version": "5.18.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.19",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.58",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.18.15",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.19",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - add param check for RSA\n\nReject requests with a source buffer that is bigger than the size of the\nkey. This is to prevent a possible integer underflow that might happen\nwhen copying the source scatterlist into a linear buffer."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-21T08:44:08.766Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4d6d2adce08788b7667a6e58002682ea1bbf6a79"
        },
        {
          "url": "https://git.kernel.org/stable/c/f993321e50ba7a8ba4f5b19939e1772a921a1c42"
        },
        {
          "url": "https://git.kernel.org/stable/c/9714061423b8b24b8afb31b8eb4df977c63f19c4"
        }
      ],
      "title": "crypto: qat - add param check for RSA",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-49563",
    "datePublished": "2025-02-26T02:23:10.252Z",
    "dateReserved": "2025-02-26T02:08:31.591Z",
    "dateUpdated": "2025-05-21T08:44:08.766Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-49563\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-02-26T07:01:32.060\",\"lastModified\":\"2025-03-10T21:28:10.553\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ncrypto: qat - add param check for RSA\\n\\nReject requests with a source buffer that is bigger than the size of the\\nkey. This is to prevent a possible integer underflow that might happen\\nwhen copying the source scatterlist into a linear buffer.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: crypto: qat - a\u00f1adir comprobaci\u00f3n de par\u00e1metros para solicitudes de rechazo RSA con un b\u00fafer de origen que sea m\u00e1s grande que el tama\u00f1o de la clave. Esto es para evitar un posible desbordamiento de enteros que podr\u00eda ocurrir al copiar la lista de dispersi\u00f3n de origen en un b\u00fafer lineal.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-191\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.15.58\",\"matchCriteriaId\":\"0DFC6E4B-8C85-4056-80F1-C9129E42FE45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"5.18.15\",\"matchCriteriaId\":\"EAD6B571-194C-43A2-A4AB-F68F869D13BC\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4d6d2adce08788b7667a6e58002682ea1bbf6a79\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9714061423b8b24b8afb31b8eb4df977c63f19c4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f993321e50ba7a8ba4f5b19939e1772a921a1c42\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…