CVE-2022-49044

dm integrity: fix memory corruption when tag_size is less than digest size

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

MITRE
PS

In the Linux kernel, the following vulnerability has been resolved: dm integrity: fix memory corruption when tag_size is less than digest size It is possible to set up dm-integrity in such a way that the
"tag_size" parameter is less than the actual digest size. In this
situation, a part of the digest beyond tag_size is ignored. In this case, dm-integrity would write beyond the end of the
ic->recalc_tags array and corrupt memory. The corruption happened in
integrity_recalc->integrity_sector_checksum->crypto_shash_final. Fix this corruption by increasing the tags array so that it has enough
padding at the end to accomodate the loop in integrity_recalc() being
able to write a full digest size for the last member of the tags
array.

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-02-26 CVE Reserved
2025-02-26 CVE Published
2025-05-04 CVE Updated
2025-06-28 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (7)

URL	Tag	Source
https://git.kernel.org/stable/c/7eada909bfd7ac90a4522e56aa3179d1fd68cd14	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/6a95d91c0b315c965198f6ab7dec7c94129e17e0	2022-04-27
https://git.kernel.org/stable/c/7f84c937222944c03f4615ca4742df6bed0e5adf	2022-04-20
https://git.kernel.org/stable/c/cd02b2687d66f0a8e716384de4b9a0671331f1dc	2022-04-20
https://git.kernel.org/stable/c/6b4bf97587ef6c1927a78934b700204920655123	2022-04-20
https://git.kernel.org/stable/c/4d485cf9b609709e45d5113e6e2b1b01254b2fe9	2022-04-20
https://git.kernel.org/stable/c/08c1af8f1c13bbf210f1760132f4df24d0ed46d6	2022-04-13

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 4.19.240 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 4.19.240"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 5.4.190 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.4.190"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 5.10.112 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.10.112"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 5.15.35 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.15.35"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 5.17.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.17.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.12 < 5.18 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.12 < 5.18"		en		Affected