CVE-2022-49642

{"id": "CVE-2022-49642", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-02-26T07:01:39.373", "references": [{"url": "https://git.kernel.org/stable/c/029c1c2059e9c4b38f97a06204cdecd10cfbeb8a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/2968830c9b47ce093237483c6207c61065712386", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/9cc8edc571b871d974b3289868553f9ce544aba6", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/cfa4caf3e881ad6dd366c903c34f1c7f21b857ab", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/d5c315a787652c35045044877a249f7d5c8a4104", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: dwc-qos: Disable split header for Tegra194\n\nThere is a long-standing issue with the Synopsys DWC Ethernet driver\nfor Tegra194 where random system crashes have been observed [0]. The\nproblem occurs when the split header feature is enabled in the stmmac\ndriver. In the bad case, a larger than expected buffer length is\nreceived and causes the calculation of the total buffer length to\noverflow. This results in a very large buffer length that causes the\nkernel to crash. Why this larger buffer length is received is not clear,\nhowever, the feedback from the NVIDIA design team is that the split\nheader feature is not supported for Tegra194. Therefore, disable split\nheader support for Tegra194 to prevent these random crashes from\noccurring.\n\n[0] https://lore.kernel.org/linux-tegra/b0b17697-f23e-8fa5-3757-604a86f3a095@nvidia.com/"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: stmmac: dwc-qos: Deshabilitar encabezado dividido para Tegra194 Hay un problema de larga data con el controlador Ethernet Synopsys DWC para Tegra194 donde se han observado fallas aleatorias del sistema [0]. El problema ocurre cuando la funci\u00f3n de encabezado dividido est\u00e1 habilitada en el controlador stmmac. En el mal caso, se recibe una longitud de b\u00fafer mayor a la esperada y hace que el c\u00e1lculo de la longitud total del b\u00fafer se desborde. Esto da como resultado una longitud de b\u00fafer muy grande que hace que el kernel se bloquee. No est\u00e1 claro por qu\u00e9 se recibe esta longitud de b\u00fafer mayor, sin embargo, la retroalimentaci\u00f3n del equipo de dise\u00f1o de NVIDIA es que la funci\u00f3n de encabezado dividido no es compatible con Tegra194. Por lo tanto, deshabilite la compatibilidad con encabezado dividido para Tegra194 para evitar que ocurran estas fallas aleatorias. [0] https://lore.kernel.org/linux-tegra/b0b17697-f23e-8fa5-3757-604a86f3a095@nvidia.com/"}], "lastModified": "2025-10-23T12:09:33.470", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CDC07B9-0100-43EB-B768-A2AEB8FC17AF", "versionEndExcluding": "5.4.207", "versionStartIncluding": "5.4"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46CE9FE9-22E3-45CA-8B5F-190C2CAFC5CE", "versionEndExcluding": "5.10.132", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF59CE2F-BA66-4BFD-83AB-4576F3D1B49A", "versionEndExcluding": "5.15.56", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "640221A7-96EE-4B48-8FE1-BA810131789B", "versionEndExcluding": "5.18.13", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8C30C2D-F82D-4D37-AB48-D76ABFBD5377"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF8547FC-C849-4F1B-804B-A93AE2F04A92"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3068028-F453-4A1C-B80F-3F5609ACEF60"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E9C0DB0-D349-489F-A3D6-B77214E93A8A"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A0DE3B7-0FFB-45AA-9BD6-19870CA7C6FD"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.19:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00AE778B-BAEE-49EB-9F84-003B73D7862A"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}