CVE-2022-49743

In the Linux kernel, the following vulnerability has been resolved: ovl: Use "buf" flexible array for memcpy() destination The "buf" flexible array needs to be the memcpy() destination to avoid false positive run-time warning from the recent FORTIFY_SOURCE hardening: memcpy: detected field-spanning write (size 93) of single field "&fh->fb" at fs/overlayfs/export.c:799 (size 21)

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/012cdef22000f3104e4fa8224ad29fde509b8caf
https://git.kernel.org/stable/c/07a96977b2f462337a9121302de64277b8747ab1	Patch
https://git.kernel.org/stable/c/a77141a06367825d639ac51b04703d551163e36c	Patch
https://git.kernel.org/stable/c/cf8aa9bf97cadf85745506c6a3e244b22c268d63	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2025-03-27 17:15

Updated : 2026-01-19 13:16

NVD link : CVE-2022-49743

Mitre link : CVE-2022-49743

CVE.ORG link : CVE-2022-49743

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-noinfo

{"id": "CVE-2022-49743", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-03-27T17:15:38.967", "references": [{"url": "https://git.kernel.org/stable/c/012cdef22000f3104e4fa8224ad29fde509b8caf", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/07a96977b2f462337a9121302de64277b8747ab1", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a77141a06367825d639ac51b04703d551163e36c", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/cf8aa9bf97cadf85745506c6a3e244b22c268d63", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: Use \"buf\" flexible array for memcpy() destination\n\nThe \"buf\" flexible array needs to be the memcpy() destination to avoid\nfalse positive run-time warning from the recent FORTIFY_SOURCE\nhardening:\n\n memcpy: detected field-spanning write (size 93) of single field \"&fh->fb\"\n at fs/overlayfs/export.c:799 (size 21)"}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ovl: Usar la matriz flexible \"buf\" para el destino de memcpy() La matriz flexible \"buf\" debe ser el destino de memcpy() para evitar una advertencia de tiempo de ejecuci\u00f3n de falsos positivos del reciente endurecimiento de FORTIFY_SOURCE: memcpy: se detect\u00f3 una escritura que abarca el campo (tama\u00f1o 93) de un solo campo \"&fh->fb\" en fs/overlayfs/export.c:799 (tama\u00f1o 21)"}], "lastModified": "2026-01-19T13:16:06.403", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DF57B24-C3A2-4DF8-B3C1-A14A7C858DFE", "versionEndExcluding": "5.15.93"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "535D03F4-DA02-49FE-934E-668827E6407B", "versionEndExcluding": "6.1.11", "versionStartIncluding": "5.16"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}