CVE-2022-48687

ipv6: sr: fix out-of-bounds read when setting HMAC data.

References

Notes

 carnil> Introduced in 4f4853dc1c9c1 ("ipv6: sr: implement API to control SR HMAC
 carnil> structure"). Vulnerable versions: 4.10-rc1.

Bugs

Status

Branch Status
4.19-buster-security released (4.19.260-1)
4.19-upstream-stable released (4.19.258) [f684c16971ed5e77dfa25a9ad25b5297e1f58eab]
5.10-bullseye-security released (5.10.148-1)
5.10-upstream-stable released (5.10.143) [076f2479fc5a15c4a970ca3b5e57d42ba09a31fa]
6.1-bookworm-security N/A "Fixed before branching point"
6.1-upstream-stable N/A "Fixed before branching point"
6.6-upstream-stable N/A "Fixed before branching point"
6.8-upstream-stable N/A "Fixed before branching point"
sid released (5.19.11-1)
upstream released (6.0-rc5) [84a53580c5d2138c7361c7c3eea5b31827e63b35]