CVE-2022-49635

In the Linux kernel, the following vulnerability has been resolved:

drm/i915/selftests: fix subtraction overflow bug

On some machines hole_end can be small enough to cause subtraction
overflow. On the other side (addr + 2 * min_alignment) can overflow
in case of mock tests. This patch should handle both cases.

(cherry picked from commit ab3edc679c552a466e4bf0b11af3666008bd65a2)
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
linuxlinux_kernel
4.12 ≤
𝑥
< 5.18.13
linuxlinux_kernel
5.19:rc1
linuxlinux_kernel
5.19:rc2
linuxlinux_kernel
5.19:rc3
linuxlinux_kernel
5.19:rc4
linuxlinux_kernel
5.19:rc5
linuxlinux_kernel
5.19:rc6
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
vulnerable
bullseye (security)
vulnerable
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/333991c4e66b3d4b5613315f18016da80344f659
https://git.kernel.org/stable/c/e8997d2d6b8d764e12489f1af2a1ce1d7384ca2a