{
    "dataType": "CVE_RECORD",
    "dataVersion": "5.1",
    "cveMetadata": {
        "cveId": "CVE-2022-48987",
        "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "state": "PUBLISHED",
        "assignerShortName": "Linux",
        "dateReserved": "2024-08-22T01:27:53.634Z",
        "datePublished": "2024-10-21T20:06:03.328Z",
        "dateUpdated": "2024-10-22T13:18:42.763Z"
    },
    "containers": {
        "cna": {
            "providerMetadata": {
                "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
                "shortName": "Linux",
                "dateUpdated": "2024-10-21T20:06:03.328Z"
            },
            "descriptions": [
                {
                    "lang": "en",
                    "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-dv-timings.c: fix too strict blanking sanity checks\n\nSanity checks were added to verify the v4l2_bt_timings blanking fields\nin order to avoid integer overflows when userspace passes weird values.\n\nBut that assumed that userspace would correctly fill in the front porch,\nbackporch and sync values, but sometimes all you know is the total\nblanking, which is then assigned to just one of these fields.\n\nAnd that can fail with these checks.\n\nSo instead set a maximum for the total horizontal and vertical\nblanking and check that each field remains below that.\n\nThat is still sufficient to avoid integer overflows, but it also\nallows for more flexibility in how userspace fills in these fields."
                }
            ],
            "affected": [
                {
                    "product": "Linux",
                    "vendor": "Linux",
                    "defaultStatus": "unaffected",
                    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                    "programFiles": [
                        "drivers/media/v4l2-core/v4l2-dv-timings.c"
                    ],
                    "versions": [
                        {
                            "version": "15ded23db134",
                            "lessThan": "0d73b49c4037",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "3d43b2b8a3cd",
                            "lessThan": "a2b56627c0d1",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "9cf9211635b6",
                            "lessThan": "2572ab14b73a",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "b4a3a01762ae",
                            "lessThan": "4afc77068e36",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "683015ae1634",
                            "lessThan": "32f01f0306a9",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "491c0959f01d",
                            "lessThan": "6fb8bc29bfa8",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "dc7276c3f6ca",
                            "lessThan": "d3d14cdf1c7a",
                            "status": "affected",
                            "versionType": "git"
                        },
                        {
                            "version": "4b6d66a45ed3",
                            "lessThan": "5eef2141776d",
                            "status": "affected",
                            "versionType": "git"
                        }
                    ]
                },
                {
                    "product": "Linux",
                    "vendor": "Linux",
                    "defaultStatus": "unaffected",
                    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                    "programFiles": [
                        "drivers/media/v4l2-core/v4l2-dv-timings.c"
                    ],
                    "versions": [
                        {
                            "version": "4.9.332",
                            "lessThan": "4.9.336",
                            "status": "affected",
                            "versionType": "custom"
                        },
                        {
                            "version": "4.14.298",
                            "lessThan": "4.14.302",
                            "status": "affected",
                            "versionType": "custom"
                        },
                        {
                            "version": "4.19.264",
                            "lessThan": "4.19.269",
                            "status": "affected",
                            "versionType": "custom"
                        },
                        {
                            "version": "5.4.223",
                            "lessThan": "5.4.227",
                            "status": "affected",
                            "versionType": "custom"
                        },
                        {
                            "version": "5.10.153",
                            "lessThan": "5.10.159",
                            "status": "affected",
                            "versionType": "custom"
                        },
                        {
                            "version": "5.15.77",
                            "lessThan": "5.15.83",
                            "status": "affected",
                            "versionType": "custom"
                        },
                        {
                            "version": "6.0.7",
                            "lessThan": "6.0.13",
                            "status": "affected",
                            "versionType": "custom"
                        }
                    ]
                }
            ],
            "references": [
                {
                    "url": "https://git.kernel.org/stable/c/0d73b49c4037199472b29574ae21c21aef493971"
                },
                {
                    "url": "https://git.kernel.org/stable/c/a2b56627c0d13009e02f6f2c0206c0451ed19a0e"
                },
                {
                    "url": "https://git.kernel.org/stable/c/2572ab14b73aa45b6ae7e4c089ccf119fed5cf89"
                },
                {
                    "url": "https://git.kernel.org/stable/c/4afc77068e36cee45b39d4fdc7513de26980f72c"
                },
                {
                    "url": "https://git.kernel.org/stable/c/32f01f0306a98629508f84d7ef0d1d037bc274a2"
                },
                {
                    "url": "https://git.kernel.org/stable/c/6fb8bc29bfa80707994a63cc97e2f9920e0b0608"
                },
                {
                    "url": "https://git.kernel.org/stable/c/d3d14cdf1c7ae2caa3e999bae95ba99e955fb7c3"
                },
                {
                    "url": "https://git.kernel.org/stable/c/5eef2141776da02772c44ec406d6871a790761ee"
                }
            ],
            "title": "media: v4l2-dv-timings.c: fix too strict blanking sanity checks",
            "x_generator": {
                "engine": "bippy-c9c4e1df01b2"
            }
        },
        "adp": [
            {
                "metrics": [
                    {
                        "other": {
                            "type": "ssvc",
                            "content": {
                                "id": "CVE-2022-48987",
                                "role": "CISA Coordinator",
                                "options": [
                                    {
                                        "Exploitation": "none"
                                    },
                                    {
                                        "Automatable": "no"
                                    },
                                    {
                                        "Technical Impact": "partial"
                                    }
                                ],
                                "version": "2.0.3",
                                "timestamp": "2024-10-22T13:17:04.941322Z"
                            }
                        }
                    }
                ],
                "title": "CISA ADP Vulnrichment",
                "providerMetadata": {
                    "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                    "shortName": "CISA-ADP",
                    "dateUpdated": "2024-10-22T13:18:42.763Z"
                }
            }
        ]
    }
}