CVE-2022-49199

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-49199
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49199.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-49199
Downstream
Related
Published
2025-02-26T01:55:42Z
Modified
2025-10-21T09:19:05.431942Z
Summary
RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit()
Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/nldev: Prevent underflow in nldevstatsetcounterdynamic_doit()

This code checks "index" for an upper bound but it does not check for negatives. Change the type to unsigned to prevent underflows.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3c3c1f1416392382faa0238e76a70d7810aab2ef
Fixed
f6dd8669b8299a3a536cd92a7069152a7704da1d
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3c3c1f1416392382faa0238e76a70d7810aab2ef
Fixed
2a495ef04d5f42e6f00eb2bec1ee9075e3d5a771
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3c3c1f1416392382faa0238e76a70d7810aab2ef
Fixed
87e0eacb176f9500c2063d140c0a1d7fa51ab8a5

Affected versions

v5.*

v5.15
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.12
v5.16.13
v5.16.14
v5.16.15
v5.16.16
v5.16.17
v5.16.18
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1

Database specific

vanir_signatures

[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@87e0eacb176f9500c2063d140c0a1d7fa51ab8a5",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2022-49199-06c8a3cc",
        "target": {
            "file": "drivers/infiniband/core/nldev.c"
        },
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "128050804793597201820264068664469975297",
                "332096125614872476463068081206699383791",
                "327407490634941532494168473969932861547",
                "94967370505504936386663466710461893026",
                "129949832294937436489170432272021082428",
                "53532214811207205565787454743811790649"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2a495ef04d5f42e6f00eb2bec1ee9075e3d5a771",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2022-49199-44713a94",
        "target": {
            "file": "drivers/infiniband/core/nldev.c"
        },
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "128050804793597201820264068664469975297",
                "332096125614872476463068081206699383791",
                "327407490634941532494168473969932861547",
                "94967370505504936386663466710461893026",
                "129949832294937436489170432272021082428",
                "53532214811207205565787454743811790649"
            ]
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f6dd8669b8299a3a536cd92a7069152a7704da1d",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2022-49199-664b5ae4",
        "target": {
            "function": "nldev_stat_set_counter_dynamic_doit",
            "file": "drivers/infiniband/core/nldev.c"
        },
        "signature_type": "Function",
        "digest": {
            "length": 884.0,
            "function_hash": "220175344297106358126453050508390422602"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2a495ef04d5f42e6f00eb2bec1ee9075e3d5a771",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2022-49199-d7d3beab",
        "target": {
            "function": "nldev_stat_set_counter_dynamic_doit",
            "file": "drivers/infiniband/core/nldev.c"
        },
        "signature_type": "Function",
        "digest": {
            "length": 884.0,
            "function_hash": "220175344297106358126453050508390422602"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@87e0eacb176f9500c2063d140c0a1d7fa51ab8a5",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2022-49199-d8c4a2d5",
        "target": {
            "function": "nldev_stat_set_counter_dynamic_doit",
            "file": "drivers/infiniband/core/nldev.c"
        },
        "signature_type": "Function",
        "digest": {
            "length": 884.0,
            "function_hash": "220175344297106358126453050508390422602"
        }
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f6dd8669b8299a3a536cd92a7069152a7704da1d",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2022-49199-ea0c4b78",
        "target": {
            "file": "drivers/infiniband/core/nldev.c"
        },
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "128050804793597201820264068664469975297",
                "332096125614872476463068081206699383791",
                "327407490634941532494168473969932861547",
                "94967370505504936386663466710461893026",
                "129949832294937436489170432272021082428",
                "53532214811207205565787454743811790649"
            ]
        }
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.16.19
Type
ECOSYSTEM
Events
Introduced
5.17.0
Fixed
5.17.2