CVE-2022-48807

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-48807
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48807.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-48807
Downstream
Related
Published
2024-07-16T11:43:58.406Z
Modified
2026-03-14T11:56:19.994261Z
Summary
ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler
Details

In the Linux kernel, the following vulnerability has been resolved:

ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler

Currently, the same handler is called for both a NETDEVBONDINGINFO LAG unlink notification as for a NETDEVUNREGISTER call. This is causing a problem though, since the netdevnotifier_info passed has a different structure depending on which event is passed. The problem manifests as a call trace from a BUG: KASAN stack-out-of-bounds error.

Fix this by creating a handler specific to NETDEVUNREGISTER that only is passed valid elements in the netdevnotifierinfo struct for the NETDEVUNREGISTER event.

Also included is the removal of an unbalanced devput on the peernetdev and related braces.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48807.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
6a8b357278f5f8b9817147277ab8f12879dce8a8
Fixed
f9daedc3ab8f673e3a9374b91a89fbf1174df469
Fixed
faa9bcf700ca1a0d09f92502a6b65d3ce313fb46
Fixed
bea1898f65b9b7096cb4e73e97c83b94718f1fa1
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e83b3cce4722b880c277d44b13eebf2548cb2ebb

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48807.json"