Description

In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error: __memcpy() 'dctx->buf' too small (16 vs u32max) It's caused because Smatch marks 'link_len' as untrusted since it comes from sscanf(). Add a check to ensure that 'link_len' is not larger than the size of the 'link_str' buffer.

INFO

Published Date :

2025-02-26T01:54:29.195Z

Last Modified :

2025-10-01T19:57:06.701Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49058 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49058.

URL Resource
https://git.kernel.org/stable/c/1316c28569a80ab3596eeab05bf5e01991e7e739 cve-icon cve-icon
https://git.kernel.org/stable/c/22d658c6c5affed10c8907e67160cef0b6c92186 cve-icon cve-icon
https://git.kernel.org/stable/c/3e582749e742e662a8e9bb37cffac62dccaaa1e2 cve-icon cve-icon
https://git.kernel.org/stable/c/4e166a41180be2f1e66bbb6d46448e80a9a5ec05 cve-icon cve-icon
https://git.kernel.org/stable/c/515e7ba11ef043d6febe69389949c8ef5f25e9d0 cve-icon cve-icon
https://git.kernel.org/stable/c/64c4a37ac04eeb43c42d272f6e6c8c12bfcf4304 cve-icon cve-icon
https://git.kernel.org/stable/c/9901b07ba42b39266b34a888e48d7306fd707bee cve-icon cve-icon
https://git.kernel.org/stable/c/eb5f51756944735ac70cd8bb38637cc202e29c91 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025022653-CVE-2022-49058-5df2@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49058 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49058 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact