VDB
CVE-2022-49289
CVE-2022-49289
PUBLISHED
Reported by Linux · Published February 26, 2025
In the Linux kernel, the following vulnerability has been resolved: uaccess: fix integer overflow on access_ok() Three architectures check the end of a user access against the address limit without taking a possible overflow into account. Passing a negative length or another overflow in here returns success when it should not. Use the most common correct implementation here, which optimizes for a constant 'size' argument, and turns the common case into a single comparison.
EPSS 0.12% · 29.7th percentile
Risk Scores
EPSS Score
0.12%
29.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 7567746e1c0d66ac0ef8a9d8816ca694462c7370, 7567746e1c0d66ac0ef8a9d8816ca694462c7370, 7567746e1c0d66ac0ef8a9d8816ca694462c7370 |
| Linux | Linux | 3.2, 0, 5.15.32 |
| Linux | Linux | *, 7567746e1c0d66ac0ef8a9d8816ca694462c7370, 7567746e1c0d66ac0ef8a9d8816ca694462c7370 |
| linux | linux_kernel | 3.2, 3.2, 3.2 |
Timeline
- Feb 26, 2025 CVE Published
- Feb 27, 2025 EPSS Score
- Mar 13, 2025 EPSS Score
- Mar 27, 2025 EPSS Score
- Apr 10, 2025 EPSS Score
- Apr 24, 2025 EPSS Score
- May 8, 2025 EPSS Score
- May 22, 2025 EPSS Score
- Jun 5, 2025 EPSS Score
- Jun 20, 2025 EPSS Score
- Jul 4, 2025 EPSS Score
- Jul 18, 2025 EPSS Score