Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2022-49404
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-26 Feb, 2025 | 02:12
Updated At-01 Oct, 2025 | 19:46
Rejected At-
▼CVE Numbering Authority (CNA)
RDMA/hfi1: Fix potential integer multiplication overflow errors

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. This is because the conversion is done after the multiplication. So arithmetic overflow and thus in incorrect value is possible. Correct an instance of this in the inter packet delay calculation. Fix by ensuring one of the operands is u64 which will promote the other to u64 as well ensuring no overflow.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/infiniband/hw/hfi1/init.c
Default Status
unaffected
Versions
Affected
  • From 7724105686e718ac476a6ad3304fea2fbcfcffde before 252f4afd4557a2e7075f793a5c80fe6dd9e9ee4a (git)
  • From 7724105686e718ac476a6ad3304fea2fbcfcffde before a89cb7ddf6a89bab6012e19da38b7cdb26175c19 (git)
  • From 7724105686e718ac476a6ad3304fea2fbcfcffde before 79c164e61f818054cd6012e9035701840d895c51 (git)
  • From 7724105686e718ac476a6ad3304fea2fbcfcffde before 8858284dd74906fa00f04f0252c75df4893a7959 (git)
  • From 7724105686e718ac476a6ad3304fea2fbcfcffde before 31dca00d0cc9f4133320d72eb7e3720badc6d6e6 (git)
  • From 7724105686e718ac476a6ad3304fea2fbcfcffde before 3f09ec80f115d2875d747ed28adc1773037e0f8b (git)
  • From 7724105686e718ac476a6ad3304fea2fbcfcffde before 06039d8afefdbac05bcea5f397188407eba2996d (git)
  • From 7724105686e718ac476a6ad3304fea2fbcfcffde before ef5ab2e48a5f9960e2352332b7cdb7064bb49032 (git)
  • From 7724105686e718ac476a6ad3304fea2fbcfcffde before f93e91a0372c922c20d5bee260b0f43b4b8a1bee (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/infiniband/hw/hfi1/init.c
Default Status
affected
Versions
Affected
  • 4.3
Unaffected
  • From 0 before 4.3 (semver)
  • From 4.9.318 through 4.9.* (semver)
  • From 4.14.283 through 4.14.* (semver)
  • From 4.19.247 through 4.19.* (semver)
  • From 5.4.198 through 5.4.* (semver)
  • From 5.10.121 through 5.10.* (semver)
  • From 5.15.46 through 5.15.* (semver)
  • From 5.17.14 through 5.17.* (semver)
  • From 5.18.3 through 5.18.* (semver)
  • From 5.19 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/252f4afd4557a2e7075f793a5c80fe6dd9e9ee4a
N/A
https://git.kernel.org/stable/c/a89cb7ddf6a89bab6012e19da38b7cdb26175c19
N/A
https://git.kernel.org/stable/c/79c164e61f818054cd6012e9035701840d895c51
N/A
https://git.kernel.org/stable/c/8858284dd74906fa00f04f0252c75df4893a7959
N/A
https://git.kernel.org/stable/c/31dca00d0cc9f4133320d72eb7e3720badc6d6e6
N/A
https://git.kernel.org/stable/c/3f09ec80f115d2875d747ed28adc1773037e0f8b
N/A
https://git.kernel.org/stable/c/06039d8afefdbac05bcea5f397188407eba2996d
N/A
https://git.kernel.org/stable/c/ef5ab2e48a5f9960e2352332b7cdb7064bb49032
N/A
https://git.kernel.org/stable/c/f93e91a0372c922c20d5bee260b0f43b4b8a1bee
N/A
Hyperlink: https://git.kernel.org/stable/c/252f4afd4557a2e7075f793a5c80fe6dd9e9ee4a
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a89cb7ddf6a89bab6012e19da38b7cdb26175c19
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/79c164e61f818054cd6012e9035701840d895c51
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/8858284dd74906fa00f04f0252c75df4893a7959
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/31dca00d0cc9f4133320d72eb7e3720badc6d6e6
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/3f09ec80f115d2875d747ed28adc1773037e0f8b
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/06039d8afefdbac05bcea5f397188407eba2996d
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/ef5ab2e48a5f9960e2352332b7cdb7064bb49032
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/f93e91a0372c922c20d5bee260b0f43b4b8a1bee
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-190CWE-190 Integer Overflow or Wraparound
Type: CWE
CWE ID: CWE-190
Description: CWE-190 Integer Overflow or Wraparound
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found