| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025022629-CVE-2022-49269-dbd1@gregkh> Date: Wed, 26 Feb 2025 02:57:54 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2022-49269: can: isotp: sanitize CAN ID checks in isotp_bind() Description =========== In the Linux kernel, the following vulnerability has been resolved: can: isotp: sanitize CAN ID checks in isotp_bind() Syzbot created an environment that lead to a state machine status that can not be reached with a compliant CAN ID address configuration. The provided address information consisted of CAN ID 0x6000001 and 0xC28001 which both boil down to 11 bit CAN IDs 0x001 in sending and receiving. Sanitize the SFF/EFF CAN ID values before performing the address checks. The Linux kernel CVE team has assigned CVE-2022-49269 to this issue. Affected and fixed versions =========================== Issue introduced in 5.10 with commit e057dd3fc20ffb3d7f150af46542a51b59b90127 and fixed in 5.10.110 with commit d72866a7f5326160d2a9d945a33eb6ef1883e25d Issue introduced in 5.10 with commit e057dd3fc20ffb3d7f150af46542a51b59b90127 and fixed in 5.15.33 with commit f343dbe82314ab457153c9afd970be4e9e553020 Issue introduced in 5.10 with commit e057dd3fc20ffb3d7f150af46542a51b59b90127 and fixed in 5.16.19 with commit cf522d741f5301223cc94b978eb1603c7590d65e Issue introduced in 5.10 with commit e057dd3fc20ffb3d7f150af46542a51b59b90127 and fixed in 5.17.2 with commit 7b4652fc71dcec043977a6def80ef5034c913615 Issue introduced in 5.10 with commit e057dd3fc20ffb3d7f150af46542a51b59b90127 and fixed in 5.18 with commit 3ea566422cbde9610c2734980d1286ab681bb40e Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49269 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: net/can/isotp.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/d72866a7f5326160d2a9d945a33eb6ef1883e25d https://git.kernel.org/stable/c/f343dbe82314ab457153c9afd970be4e9e553020 https://git.kernel.org/stable/c/cf522d741f5301223cc94b978eb1603c7590d65e https://git.kernel.org/stable/c/7b4652fc71dcec043977a6def80ef5034c913615 https://git.kernel.org/stable/c/3ea566422cbde9610c2734980d1286ab681bb40e
Powered by blists - more mailing lists