CVE-2022-49199

RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit()

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit() This code checks "index" for an upper bound but it does not check for negatives. Change the type to unsigned to prevent underflows.

N/A
CVSS
Severity:
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/f6dd8669b8299a3a536cd92a7069152a7704da1d
https://git.kernel.org/stable/c/2a495ef04d5f42e6f00eb2bec1ee9075e3d5a771
https://git.kernel.org/stable/c/87e0eacb176f9500c2063d140c0a1d7fa51ab8a5

Frequently Asked Questions

What is the severity of CVE-2022-49199?
CVE-2022-49199 has not yet been assigned a CVSS score.
How to fix CVE-2022-49199?
To fix CVE-2022-49199, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-49199 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-49199 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-49199?
CVE-2022-49199 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.