{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48632", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:44:28.315Z", "datePublished": "2024-04-28T12:59:10.481Z", "dateUpdated": "2025-05-04T08:20:08.103Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:20:08.103Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()\n\nmemcpy() is called in a loop while 'operation->length' upper bound\nis not checked and 'data_idx' also increments."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-mlxbf.c"], "versions": [{"version": "b5b5b32081cd206baa6e58cca7f112d9723785d6", "lessThan": "48ee0a864d1af02eea98fc825cc230d61517a71e", "status": "affected", "versionType": "git"}, {"version": "b5b5b32081cd206baa6e58cca7f112d9723785d6", "lessThan": "dc2a0c587006f29b724069740c48654b9dcaebd2", "status": "affected", "versionType": "git"}, {"version": "b5b5b32081cd206baa6e58cca7f112d9723785d6", "lessThan": "3b5ab5fbe69ebbee5692c72b05071a43fc0655d8", "status": "affected", "versionType": "git"}, {"version": "b5b5b32081cd206baa6e58cca7f112d9723785d6", "lessThan": "de24aceb07d426b6f1c59f33889d6a964770547b", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/i2c/busses/i2c-mlxbf.c"], "versions": [{"version": "5.10", "status": "affected"}, {"version": "0", "lessThan": "5.10", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.146", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.71", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.19.12", "lessThanOrEqual": "5.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "5.10.146"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "5.15.71"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "5.19.12"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e"}, {"url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2"}, {"url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8"}, {"url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b"}], "title": "i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.519Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48632", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:46:27.328258Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:12.457Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.519Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48632", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:46:27.328258Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:15.343Z"}}], "cna": {"title": "i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "b5b5b32081cd206baa6e58cca7f112d9723785d6", "lessThan": "48ee0a864d1af02eea98fc825cc230d61517a71e", "versionType": "git"}, {"status": "affected", "version": "b5b5b32081cd206baa6e58cca7f112d9723785d6", "lessThan": "dc2a0c587006f29b724069740c48654b9dcaebd2", "versionType": "git"}, {"status": "affected", "version": "b5b5b32081cd206baa6e58cca7f112d9723785d6", "lessThan": "3b5ab5fbe69ebbee5692c72b05071a43fc0655d8", "versionType": "git"}, {"status": "affected", "version": "b5b5b32081cd206baa6e58cca7f112d9723785d6", "lessThan": "de24aceb07d426b6f1c59f33889d6a964770547b", "versionType": "git"}], "programFiles": ["drivers/i2c/busses/i2c-mlxbf.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.10"}, {"status": "unaffected", "version": "0", "lessThan": "5.10", "versionType": "semver"}, {"status": "unaffected", "version": "5.10.146", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.71", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.19.12", "versionType": "semver", "lessThanOrEqual": "5.19.*"}, {"status": "unaffected", "version": "6.0", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/i2c/busses/i2c-mlxbf.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e"}, {"url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2"}, {"url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8"}, {"url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()\n\nmemcpy() is called in a loop while 'operation->length' upper bound\nis not checked and 'data_idx' also increments."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.146", "versionStartIncluding": "5.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.71", "versionStartIncluding": "5.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.19.12", "versionStartIncluding": "5.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.0", "versionStartIncluding": "5.10"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:20:08.103Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48632", "state": "PUBLISHED", "dateUpdated": "2025-05-04T08:20:08.103Z", "dateReserved": "2024-02-25T13:44:28.315Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-28T12:59:10.481Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()\n\nmemcpy() is called in a loop while 'operation->length' upper bound\nis not checked and 'data_idx' also increments."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: mlxbf: evita el desbordamiento de pila en mlxbf_i2c_smbus_start_transaction() memcpy() se llama en un bucle mientras que el l\u00edmite superior 'operation->length' no est\u00e1 marcado y 'data_idx' tambi\u00e9n aumenta."}], "id": "CVE-2022-48632", "lastModified": "2024-11-21T07:33:39.170", "metrics": {}, "published": "2024-04-28T13:15:06.517", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/3b5ab5fbe69ebbee5692c72b05071a43fc0655d8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/48ee0a864d1af02eea98fc825cc230d61517a71e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/dc2a0c587006f29b724069740c48654b9dcaebd2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/de24aceb07d426b6f1c59f33889d6a964770547b"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:5102", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5101", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.16.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:2394", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.13.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-30T00:00:00Z"}, {"advisory": "RHSA-2024:2394", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.13.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-30T00:00:00Z"}], "bugzilla": {"description": "kernel: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()", "id": "2277840", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2277840"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-122", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ni2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()\nmemcpy() is called in a loop while 'operation->length' upper bound\nis not checked and 'data_idx' also increments.", "A flaw was found in the Linux kernel. The following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()."], "mitigation": {"lang": "en:us", "value": "To mitigate this issue, prevent module i2c-mlxbf from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically."}, "name": "CVE-2022-48632", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48632\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48632\nhttps://lore.kernel.org/linux-cve-announce/2024042854-CVE-2022-48632-465f@gregkh/T"], "statement": "Actual only for ARM platforms. For the Red Hat Enterprise Linux and Fedora the related code disabled, so not affected (apart from the latest version of the Red Hat Enterprise Linux 9 and latest version of the Red Hat Enterprise Linux 10). The bug could happen only if Mellanox BlueField I2C controller being used.", "threat_severity": "Moderate"}