CVE-2022-49570

In the Linux kernel, the following vulnerability has been resolved: gpio: gpio-xilinx: Fix integer overflow Current implementation is not able to configure more than 32 pins due to incorrect data type. So type casting with unsigned long to avoid it.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/32c094a09d5829ad9b02cdf667569aefa8de0ea6	Patch
https://git.kernel.org/stable/c/6f16a5390640807dde420ee5ccbc4c95577aea6a	Patch
https://git.kernel.org/stable/c/e129e5486b981d324057e6986059f852658b0d00	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc1::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc2::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc3::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc4::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc5::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc6::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc7::::::

History

10 Mar 2025, 21:19

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: gpio: gpio-xilinx: Se corrige el desbordamiento de enteros. La implementación actual no puede configurar más de 32 pines debido a un tipo de datos incorrecto. Por lo tanto, se realiza una conversión de tipos con unsigned long para evitarlo.
CPE		cpe:2.3:o:linux:linux_kernel:5.19:rc5:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:5.19:rc6:::::: cpe:2.3:o:linux:linux_kernel:5.19:rc1:::::: cpe:2.3:o:linux:linux_kernel:5.19:rc7:::::: cpe:2.3:o:linux:linux_kernel:5.19:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.19:rc4:::::: cpe:2.3:o:linux:linux_kernel:5.19:rc3::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CWE		CWE-190
References	~~() https://git.kernel.org/stable/c/32c094a09d5829ad9b02cdf667569aefa8de0ea6 -~~	() https://git.kernel.org/stable/c/32c094a09d5829ad9b02cdf667569aefa8de0ea6 - Patch
References	~~() https://git.kernel.org/stable/c/6f16a5390640807dde420ee5ccbc4c95577aea6a -~~	() https://git.kernel.org/stable/c/6f16a5390640807dde420ee5ccbc4c95577aea6a - Patch
References	~~() https://git.kernel.org/stable/c/e129e5486b981d324057e6986059f852658b0d00 -~~	() https://git.kernel.org/stable/c/e129e5486b981d324057e6986059f852658b0d00 - Patch
First Time		Linux Linux linux Kernel

26 Feb 2025, 07:01

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-26 07:01

Updated : 2025-03-10 21:19

NVD link : CVE-2022-49570

Mitre link : CVE-2022-49570

CVE.ORG link : CVE-2022-49570

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-190

Integer Overflow or Wraparound

5.5 /10