github - ghsa-6rj2-mg6v-3gwc

ghsa-6rj2-mg6v-3gwc

Vulnerability from github

Published

2025-10-23 12:31

Modified

2025-10-23 12:31

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

In the Linux kernel, the following vulnerability has been resolved:

drm/i915/selftests: fix subtraction overflow bug

On some machines hole_end can be small enough to cause subtraction overflow. On the other side (addr + 2 * min_alignment) can overflow in case of mock tests. This patch should handle both cases.

(cherry picked from commit ab3edc679c552a466e4bf0b11af3666008bd65a2)

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-49635"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-02-26T07:01:38Z",
    "severity": "HIGH"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/selftests: fix subtraction overflow bug\n\nOn some machines hole_end can be small enough to cause subtraction\noverflow. On the other side (addr + 2 * min_alignment) can overflow\nin case of mock tests. This patch should handle both cases.\n\n(cherry picked from commit ab3edc679c552a466e4bf0b11af3666008bd65a2)",
  "id": "GHSA-6rj2-mg6v-3gwc",
  "modified": "2025-10-23T12:31:16Z",
  "published": "2025-10-23T12:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49635"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/333991c4e66b3d4b5613315f18016da80344f659"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e8997d2d6b8d764e12489f1af2a1ce1d7384ca2a"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2022-49635 (GCVE-0-2022-49635)

Vulnerability from cvelistv5

Published

2025-02-26 02:23

Modified

2025-05-04 08:42

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/i915/selftests: fix subtraction overflow bug On some machines hole_end can be small enough to cause subtraction overflow. On the other side (addr + 2 * min_alignment) can overflow in case of mock tests. This patch should handle both cases. (cherry picked from commit ab3edc679c552a466e4bf0b11af3666008bd65a2)

References

URL

Tags

	https://git.kernel.org/stable/c/e8997d2d6b8d764e12489f1af2a1ce1d7384ca2a
	https://git.kernel.org/stable/c/333991c4e66b3d4b5613315f18016da80344f659

Impacted products

Vendor

Product

Version

Version: e1c5f754067b594de58d387aa5873dec83b6c9fd
Version: e1c5f754067b594de58d387aa5873dec83b6c9fd

Version: 4.12

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/i915/selftests/i915_gem_gtt.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e8997d2d6b8d764e12489f1af2a1ce1d7384ca2a",
              "status": "affected",
              "version": "e1c5f754067b594de58d387aa5873dec83b6c9fd",
              "versionType": "git"
            },
            {
              "lessThan": "333991c4e66b3d4b5613315f18016da80344f659",
              "status": "affected",
              "version": "e1c5f754067b594de58d387aa5873dec83b6c9fd",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/i915/selftests/i915_gem_gtt.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.12"
            },
            {
              "lessThan": "4.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.18.*",
              "status": "unaffected",
              "version": "5.18.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.19",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.18.13",
                  "versionStartIncluding": "4.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.19",
                  "versionStartIncluding": "4.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/selftests: fix subtraction overflow bug\n\nOn some machines hole_end can be small enough to cause subtraction\noverflow. On the other side (addr + 2 * min_alignment) can overflow\nin case of mock tests. This patch should handle both cases.\n\n(cherry picked from commit ab3edc679c552a466e4bf0b11af3666008bd65a2)"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T08:42:16.363Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e8997d2d6b8d764e12489f1af2a1ce1d7384ca2a"
        },
        {
          "url": "https://git.kernel.org/stable/c/333991c4e66b3d4b5613315f18016da80344f659"
        }
      ],
      "title": "drm/i915/selftests: fix subtraction overflow bug",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-49635",
    "datePublished": "2025-02-26T02:23:45.744Z",
    "dateReserved": "2025-02-26T02:21:30.429Z",
    "dateUpdated": "2025-05-04T08:42:16.363Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.