CVE-2022-49766

In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation In preparation for FORTIFY_SOURCE doing bounds-check on memcpy(), switch from __nlmsg_put to nlmsg_put(), and explain the bounds check for dealing with the memcpy() across a composite flexible array struct. Avoids this future run-time warning: memcpy: detected field-spanning write (size 32) of single field "&errmsg->msg" at net/netlink/af_netlink.c:2447 (size 16)

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/710d21fdff9a98d621cd4e64167f3ef8af4e2fd1	Patch
https://git.kernel.org/stable/c/aff4eb16f589c3af322a2582044bca365381fcd6	Patch

Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

06 Nov 2025, 21:57

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		NVD-CWE-noinfo
First Time		Linux linux Kernel Linux
References	~~() https://git.kernel.org/stable/c/710d21fdff9a98d621cd4e64167f3ef8af4e2fd1 -~~	() https://git.kernel.org/stable/c/710d21fdff9a98d621cd4e64167f3ef8af4e2fd1 - Patch
References	~~() https://git.kernel.org/stable/c/aff4eb16f589c3af322a2582044bca365381fcd6 -~~	() https://git.kernel.org/stable/c/aff4eb16f589c3af322a2582044bca365381fcd6 - Patch
CPE		cpe:2.3:o:linux:linux_kernel::::::::

Information

Published : 2025-05-01 15:15

Updated : 2025-11-06 21:57

NVD link : CVE-2022-49766

Mitre link : CVE-2022-49766

CVE.ORG link : CVE-2022-49766

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2022-49766", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-05-01T15:15:59.380", "references": [{"url": "https://git.kernel.org/stable/c/710d21fdff9a98d621cd4e64167f3ef8af4e2fd1", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/aff4eb16f589c3af322a2582044bca365381fcd6", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: Bounds-check struct nlmsgerr creation\n\nIn preparation for FORTIFY_SOURCE doing bounds-check on memcpy(),\nswitch from __nlmsg_put to nlmsg_put(), and explain the bounds check\nfor dealing with the memcpy() across a composite flexible array struct.\nAvoids this future run-time warning:\n\n memcpy: detected field-spanning write (size 32) of single field \"&errmsg->msg\" at net/netlink/af_netlink.c:2447 (size 16)"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netlink: Creaci\u00f3n de la estructura nlmsgerr con comprobaci\u00f3n de los l\u00edmites. En preparaci\u00f3n para que FORTIFY_SOURCE realice la comprobaci\u00f3n de los l\u00edmites en memcpy(), cambie de __nlmsg_put a nlmsg_put() y explique la comprobaci\u00f3n de los l\u00edmites para procesar memcpy() en una estructura de matriz flexible compuesta. Esto evita esta futura advertencia en tiempo de ejecuci\u00f3n: memcpy: se detect\u00f3 una escritura que abarca campos (tama\u00f1o 32) en un solo campo \"&errmsg->msg\" en net/netlink/af_netlink.c:2447 (tama\u00f1o 16)."}], "lastModified": "2025-11-06T21:57:43.357", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6460EC4-9676-44DC-BD3D-51B124E4D196", "versionEndExcluding": "6.0.10"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}