CVE-2022-49659
- Source
- https://cve.org/CVERecord?id=CVE-2022-49659
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49659.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-49659
- Downstream
- Published
- 2025-02-26T02:23:57.411Z
- Modified
- 2026-03-11T06:34:12.396468Z
- Summary
- can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
can: mcan: mcan_{readfifo,echotx_event}(): shift timestamp to full 32 bits
In commit 1be37d3b0414 ("can: m_can: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context") the RX path for peripheral devices was switched to RX-offload.
Received CAN frames are pushed to RX-offload together with a timestamp. RX-offload is designed to handle overflows of the timestamp correctly, if 32 bit timestamps are provided.
The timestamps of m_can core are only 16 bits wide. So this patch shifts them to full 32 bit before passing them to RX-offload.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49659.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/2a2914a5bd7f38efe55a8372178146de82e0bce9
- https://git.kernel.org/stable/c/4c3333693f07313f5f0145a922f14a7d3c0f4f21
- https://git.kernel.org/stable/c/c7333f79888497bfd75dcd02a94eaf836dd1042c
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49659.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49659
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1be37d3b0414e3db47f6fcba6c16286bbae0cb65Fixedc7333f79888497bfd75dcd02a94eaf836dd1042cFixed2a2914a5bd7f38efe55a8372178146de82e0bce9Fixed4c3333693f07313f5f0145a922f14a7d3c0f4f21
Affected versions
v5.*
v5.12
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1
v5.18.10
v5.18.2
v5.18.3
v5.18.4
v5.18.5
v5.18.6
v5.18.7
v5.18.8
v5.18.9
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
Database specific
vanir_signatures
[
{
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2022-49659-23caa739",
"target": {
"file": "drivers/net/can/m_can/m_can.c",
"function": "m_can_echo_tx_event"
},
"digest": {
"length": 718.0,
"function_hash": "79064162121903194633063158894265223534"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2a2914a5bd7f38efe55a8372178146de82e0bce9"
},
{
"signature_type": "Line",
"deprecated": false,
"id": "CVE-2022-49659-390a5bab",
"target": {
"file": "drivers/net/can/m_can/m_can.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"269971702623838695954930060285550620227",
"45799307462549563978751761276310712272",
"71637388844207888667334957875364763974",
"277113333730920787434022508443981336913",
"78813754148373596856339650451520086105",
"147698792095142133877761805802638440671",
"145971990574824511615087530833748631192",
"62478898600044628324738859119994391017"
]
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4c3333693f07313f5f0145a922f14a7d3c0f4f21"
},
{
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2022-49659-6ae97526",
"target": {
"file": "drivers/net/can/m_can/m_can.c",
"function": "m_can_read_fifo"
},
"digest": {
"length": 1483.0,
"function_hash": "228812036135117957489680479659479448827"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2a2914a5bd7f38efe55a8372178146de82e0bce9"
},
{
"signature_type": "Line",
"deprecated": false,
"id": "CVE-2022-49659-6f8c222c",
"target": {
"file": "drivers/net/can/m_can/m_can.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"269971702623838695954930060285550620227",
"45799307462549563978751761276310712272",
"71637388844207888667334957875364763974",
"277113333730920787434022508443981336913",
"78813754148373596856339650451520086105",
"147698792095142133877761805802638440671",
"145971990574824511615087530833748631192",
"62478898600044628324738859119994391017"
]
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2a2914a5bd7f38efe55a8372178146de82e0bce9"
},
{
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2022-49659-71e6ffc4",
"target": {
"file": "drivers/net/can/m_can/m_can.c",
"function": "m_can_read_fifo"
},
"digest": {
"length": 1483.0,
"function_hash": "228421193908233088756666856535379777417"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c7333f79888497bfd75dcd02a94eaf836dd1042c"
},
{
"signature_type": "Line",
"deprecated": false,
"id": "CVE-2022-49659-9b1c3254",
"target": {
"file": "drivers/net/can/m_can/m_can.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"184439313263024763379840110649622234617",
"184489182774989975525105108519942205447",
"21855153977495740264258715120752326060",
"277113333730920787434022508443981336913",
"78813754148373596856339650451520086105",
"147698792095142133877761805802638440671",
"145971990574824511615087530833748631192",
"62478898600044628324738859119994391017"
]
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c7333f79888497bfd75dcd02a94eaf836dd1042c"
},
{
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2022-49659-a3a0e4c5",
"target": {
"file": "drivers/net/can/m_can/m_can.c",
"function": "m_can_echo_tx_event"
},
"digest": {
"length": 718.0,
"function_hash": "79064162121903194633063158894265223534"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4c3333693f07313f5f0145a922f14a7d3c0f4f21"
},
{
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2022-49659-a502347b",
"target": {
"file": "drivers/net/can/m_can/m_can.c",
"function": "m_can_read_fifo"
},
"digest": {
"length": 1483.0,
"function_hash": "228812036135117957489680479659479448827"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4c3333693f07313f5f0145a922f14a7d3c0f4f21"
},
{
"signature_type": "Function",
"deprecated": false,
"id": "CVE-2022-49659-a6ce332e",
"target": {
"file": "drivers/net/can/m_can/m_can.c",
"function": "m_can_echo_tx_event"
},
"digest": {
"length": 718.0,
"function_hash": "79064162121903194633063158894265223534"
},
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c7333f79888497bfd75dcd02a94eaf836dd1042c"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49659.json"