CVE-2022-48780

{"id": "CVE-2022-48780", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-07-16T12:15:03.143", "references": [{"url": "https://git.kernel.org/stable/c/1de9770d121ee9294794cca0e0be8fbfa0134ee8", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/7de7ba7a8bd4fde0141de8674c13514d0072f0e6", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f00b6c976ae0dfbd9b891175f713f59095d23842", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/1de9770d121ee9294794cca0e0be8fbfa0134ee8", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/7de7ba7a8bd4fde0141de8674c13514d0072f0e6", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/f00b6c976ae0dfbd9b891175f713f59095d23842", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-835"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Avoid overwriting the copies of clcsock callback functions\n\nThe callback functions of clcsock will be saved and replaced during\nthe fallback. But if the fallback happens more than once, then the\ncopies of these callback functions will be overwritten incorrectly,\nresulting in a loop call issue:\n\nclcsk->sk_error_report\n |- smc_fback_error_report() <------------------------------|\n |- smc_fback_forward_wakeup() | (loop)\n |- clcsock_callback() (incorrectly overwritten) |\n |- smc->clcsk_error_report() ------------------|\n\nSo this patch fixes the issue by saving these function pointers only\nonce in the fallback and avoiding overwriting."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net/smc: evite sobrescribir las copias de las funciones de devoluci\u00f3n de llamada de clcsock. Las funciones de devoluci\u00f3n de llamada de clcsock se guardar\u00e1n y reemplazar\u00e1n durante la reserva. Pero si el retroceso ocurre m\u00e1s de una vez, las copias de estas funciones de devoluci\u00f3n de llamada se sobrescribir\u00e1n incorrectamente, lo que provocar\u00e1 un problema de llamada en bucle: clcsk-&gt;sk_error_report |- smc_fback_error_report() &lt;------------ ------------------| |- smc_fback_forward_wakeup() | (bucle) |- clcsock_callback() (sobrescrito incorrectamente) | |- smc-&gt;clcsk_error_report() ------------------| Por lo tanto, este parche soluciona el problema al guardar estos punteros de funci\u00f3n solo una vez en el respaldo y evitar la sobrescritura."}], "lastModified": "2025-10-03T14:32:27.243", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "622A6FA4-6A75-46EA-B991-6BD80DA14954", "versionEndExcluding": "5.15.25", "versionStartIncluding": "5.15.22"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57602530-10E1-471F-8292-9C2955DF5DD1", "versionEndExcluding": "5.16.11", "versionStartIncluding": "5.16.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}