CVE-2022-48687

Public on 2024-05-03

Modified on 2024-05-18

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is realised via netlink through four attributes: SEG6_ATTR_HMACKEYID, SEG6_ATTR_SECRET, SEG6_ATTR_SECRETLEN and SEG6_ATTR_ALGID.

Severity

Medium

CVSS v3 Base Score

5.5

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory	Status
Amazon Linux 1	kernel	2022-09-30	ALAS-2022-1636	Fixed
Amazon Linux 2 - Core	kernel	2022-09-30	ALAS2-2022-1852	Fixed
Amazon Linux 2 - Kernel-5.10 Extra	kernel	2022-09-30	ALAS2KERNEL-5.10-2022-020	Fixed
Amazon Linux 2 - Kernel-5.15 Extra	kernel	2022-09-30	ALAS2KERNEL-5.15-2022-008	Fixed
Amazon Linux 2 - Kernel-5.4 Extra	kernel	2022-09-30	ALAS2KERNEL-5.4-2022-036	Fixed
Amazon Linux 2023	kernel			Not Affected

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv3	5.5	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
NVD	CVSSv3	5.5	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

Red Hat: CVE-2022-48687 Mitre: CVE-2022-48687