CVE-2022-48632

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-48632

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48632.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-48632

Downstream

DEBIAN-CVE-2022-48632

OESA-2024-1647

RHSA-2024:2394

RHSA-2024:5101

RHSA-2024:5102

RLSA-2024:5101

RLSA-2024:5102

RXSA-2024:5101

SUSE-SU-2024:1644-1

SUSE-SU-2024:1659-1

SUSE-SU-2024:1663-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2189-1

SUSE-SU-2025:0231-1

UBUNTU-CVE-2022-48632

Related

Published

2024-04-28T12:59:10.481Z

Modified

2026-03-11T02:36:55.719222Z

Summary

i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()

Details

In the Linux kernel, the following vulnerability has been resolved:

i2c: mlxbf: prevent stack overflow in mlxbfi2csmbusstarttransaction()

memcpy() is called in a loop while 'operation->length' upper bound is not checked and 'data_idx' also increments.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48632.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

b5b5b32081cd206baa6e58cca7f112d9723785d6

Fixed

48ee0a864d1af02eea98fc825cc230d61517a71e

Fixed

dc2a0c587006f29b724069740c48654b9dcaebd2

Fixed

3b5ab5fbe69ebbee5692c72b05071a43fc0655d8

Fixed

de24aceb07d426b6f1c59f33889d6a964770547b

Affected versions

v5.*

v5.10

v5.10-rc1

v5.10-rc2

v5.10-rc3

v5.10-rc4

v5.10-rc5

v5.10-rc6

v5.10-rc7

v5.10.1

v5.10.10

v5.10.100

v5.10.101

v5.10.102

v5.10.103

v5.10.104

v5.10.105

v5.10.106

v5.10.107

v5.10.108

v5.10.109

v5.10.11

v5.10.110

v5.10.111

v5.10.112

v5.10.113

v5.10.114

v5.10.115

v5.10.116

v5.10.117

v5.10.118

v5.10.119

v5.10.12

v5.10.120

v5.10.121

v5.10.122

v5.10.123

v5.10.124

v5.10.125

v5.10.126

v5.10.127

v5.10.128

v5.10.129

v5.10.13

v5.10.130

v5.10.131

v5.10.132

v5.10.133

v5.10.134

v5.10.135

v5.10.136

v5.10.137

v5.10.138

v5.10.139

v5.10.14

v5.10.140

v5.10.141

v5.10.142

v5.10.143

v5.10.144

v5.10.145

v5.10.15

v5.10.16

v5.10.17

v5.10.18

v5.10.19

v5.10.2

v5.10.20

v5.10.21

v5.10.22

v5.10.23

v5.10.24

v5.10.25

v5.10.26

v5.10.27

v5.10.28

v5.10.29

v5.10.3

v5.10.30

v5.10.31

v5.10.32

v5.10.33

v5.10.34

v5.10.35

v5.10.36

v5.10.37

v5.10.38

v5.10.39

v5.10.4

v5.10.40

v5.10.41

v5.10.42

v5.10.43

v5.10.44

v5.10.45

v5.10.46

v5.10.47

v5.10.48

v5.10.49

v5.10.5

v5.10.50

v5.10.51

v5.10.52

v5.10.53

v5.10.54

v5.10.55

v5.10.56

v5.10.57

v5.10.58

v5.10.59

v5.10.6

v5.10.60

v5.10.61

v5.10.62

v5.10.63

v5.10.64

v5.10.65

v5.10.66

v5.10.67

v5.10.68

v5.10.69

v5.10.7

v5.10.70

v5.10.71

v5.10.72

v5.10.73

v5.10.74

v5.10.75

v5.10.76

v5.10.77

v5.10.78

v5.10.79

v5.10.8

v5.10.80

v5.10.81

v5.10.82

v5.10.83

v5.10.84

v5.10.85

v5.10.86

v5.10.87

v5.10.88

v5.10.89

v5.10.9

v5.10.90

v5.10.91

v5.10.92

v5.10.93

v5.10.94

v5.10.95

v5.10.96

v5.10.97

v5.10.98

v5.10.99

v5.11

v5.11-rc1

v5.11-rc2

v5.11-rc3

v5.11-rc4

v5.11-rc5

v5.11-rc6

v5.11-rc7

v5.12

v5.12-rc1

v5.12-rc1-dontuse

v5.12-rc2

v5.12-rc3

v5.12-rc4

v5.12-rc5

v5.12-rc6

v5.12-rc7

v5.12-rc8

v5.13

v5.13-rc1

v5.13-rc2

v5.13-rc3

v5.13-rc4

v5.13-rc5

v5.13-rc6

v5.13-rc7

v5.14

v5.14-rc1

v5.14-rc2

v5.14-rc3

v5.14-rc4

v5.14-rc5

v5.14-rc6

v5.14-rc7

v5.15

v5.15-rc1

v5.15-rc2

v5.15-rc3

v5.15-rc4

v5.15-rc5

v5.15-rc6

v5.15-rc7

v5.15.1

v5.15.10

v5.15.11

v5.15.12

v5.15.13

v5.15.14

v5.15.15

v5.15.16

v5.15.17

v5.15.18

v5.15.19

v5.15.2

v5.15.20

v5.15.21

v5.15.22

v5.15.23

v5.15.24

v5.15.25

v5.15.26

v5.15.27

v5.15.28

v5.15.29

v5.15.3

v5.15.30

v5.15.31

v5.15.32

v5.15.33

v5.15.34

v5.15.35

v5.15.36

v5.15.37

v5.15.38

v5.15.39

v5.15.4

v5.15.40

v5.15.41

v5.15.42

v5.15.43

v5.15.44

v5.15.45

v5.15.46

v5.15.47

v5.15.48

v5.15.49

v5.15.5

v5.15.50

v5.15.51

v5.15.52

v5.15.53

v5.15.54

v5.15.55

v5.15.56

v5.15.57

v5.15.58

v5.15.59

v5.15.6

v5.15.60

v5.15.61

v5.15.62

v5.15.63

v5.15.64

v5.15.65

v5.15.66

v5.15.67

v5.15.68

v5.15.69

v5.15.7

v5.15.70

v5.15.8

v5.15.9

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v5.19.1

v5.19.10

v5.19.11

v5.19.2

v5.19.3

v5.19.4

v5.19.5

v5.19.6

v5.19.7

v5.19.8

v5.19.9

v5.9

v5.9-rc3

v5.9-rc4

v5.9-rc5

v5.9-rc6

v5.9-rc7

v5.9-rc8

v6.*

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2022-48632-0d5d8aac",
        "target": {
            "file": "drivers/i2c/busses/i2c-mlxbf.c",
            "function": "mlxbf_i2c_smbus_start_transaction"
        },
        "digest": {
            "length": 1624.0,
            "function_hash": "32879370691689719870367124564251603211"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dc2a0c587006f29b724069740c48654b9dcaebd2"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2022-48632-221b3da6",
        "target": {
            "file": "drivers/i2c/busses/i2c-mlxbf.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "10147436627106233259792993495077799527",
                "13636684118435160583949204364119163123",
                "175930433789607676067716669827885717141",
                "121301047104490388983800219655268542600"
            ]
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dc2a0c587006f29b724069740c48654b9dcaebd2"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2022-48632-7cc3df95",
        "target": {
            "file": "drivers/i2c/busses/i2c-mlxbf.c",
            "function": "mlxbf_i2c_smbus_start_transaction"
        },
        "digest": {
            "length": 1624.0,
            "function_hash": "32879370691689719870367124564251603211"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48ee0a864d1af02eea98fc825cc230d61517a71e"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2022-48632-835bedae",
        "target": {
            "file": "drivers/i2c/busses/i2c-mlxbf.c",
            "function": "mlxbf_i2c_smbus_start_transaction"
        },
        "digest": {
            "length": 1624.0,
            "function_hash": "32879370691689719870367124564251603211"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@de24aceb07d426b6f1c59f33889d6a964770547b"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2022-48632-886970ae",
        "target": {
            "file": "drivers/i2c/busses/i2c-mlxbf.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "10147436627106233259792993495077799527",
                "13636684118435160583949204364119163123",
                "175930433789607676067716669827885717141",
                "121301047104490388983800219655268542600"
            ]
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@48ee0a864d1af02eea98fc825cc230d61517a71e"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2022-48632-e1eba765",
        "target": {
            "file": "drivers/i2c/busses/i2c-mlxbf.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "10147436627106233259792993495077799527",
                "13636684118435160583949204364119163123",
                "175930433789607676067716669827885717141",
                "121301047104490388983800219655268542600"
            ]
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3b5ab5fbe69ebbee5692c72b05071a43fc0655d8"
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "id": "CVE-2022-48632-f41a0cb7",
        "target": {
            "file": "drivers/i2c/busses/i2c-mlxbf.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "10147436627106233259792993495077799527",
                "13636684118435160583949204364119163123",
                "175930433789607676067716669827885717141",
                "121301047104490388983800219655268542600"
            ]
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@de24aceb07d426b6f1c59f33889d6a964770547b"
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "id": "CVE-2022-48632-fb771df8",
        "target": {
            "file": "drivers/i2c/busses/i2c-mlxbf.c",
            "function": "mlxbf_i2c_smbus_start_transaction"
        },
        "digest": {
            "length": 1624.0,
            "function_hash": "32879370691689719870367124564251603211"
        },
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3b5ab5fbe69ebbee5692c72b05071a43fc0655d8"
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48632.json"