Description

In the Linux kernel, the following vulnerability has been resolved: netlink: Bounds-check struct nlmsgerr creation In preparation for FORTIFY_SOURCE doing bounds-check on memcpy(), switch from __nlmsg_put to nlmsg_put(), and explain the bounds check for dealing with the memcpy() across a composite flexible array struct. Avoids this future run-time warning: memcpy: detected field-spanning write (size 32) of single field "&errmsg->msg" at net/netlink/af_netlink.c:2447 (size 16)

INFO

Published Date :

2025-05-01T14:09:05.569Z

Last Modified :

2025-12-23T13:25:49.041Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-49766 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-49766.

URL Resource
https://git.kernel.org/stable/c/710d21fdff9a98d621cd4e64167f3ef8af4e2fd1 cve-icon cve-icon
https://git.kernel.org/stable/c/aff4eb16f589c3af322a2582044bca365381fcd6 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025050114-CVE-2022-49766-7b16@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-49766 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-49766 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact