• CVE-2022-48949

发布时间: 2024年11月8日

修改时间: 2025年1月3日

概要

In the Linux kernel, the following vulnerability has been resolved: igb: Initialize mailbox message for VF reset When a MAC address is not assigned to the VF, that portion of the message sent to the VF is not set. The memory, however, is allocated from the stack meaning that information may be leaked to the VM. Initialize the message buffer to 0 so that no information is passed to the VM in this case.

CVSS v3 指标

NVD openEuler
Confidentiality High High
Attack Vector Local Local
CVSS评分 5.5 5.5
Attack Complexity Low Low
Privileges Required Low Low
Scope Unchanged Unchanged
Integrity None None
User Interaction None None
Availability None None

安全公告

公告名 概要 发布时间
KylinSec-SA-2024-4908 kernel security update 2025年2月17日

影响产品

产品 状态
KY3.5.2 kernel Fixed
KY3.4-5 kernel Fixed