{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T04:06:18.475","vulnerabilities":[{"cve":{"id":"CVE-2022-49269","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-02-26T07:01:03.813","lastModified":"2025-10-21T11:46:33.073","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: isotp: sanitize CAN ID checks in isotp_bind()\n\nSyzbot created an environment that lead to a state machine status that\ncan not be reached with a compliant CAN ID address configuration.\nThe provided address information consisted of CAN ID 0x6000001 and 0xC28001\nwhich both boil down to 11 bit CAN IDs 0x001 in sending and receiving.\n\nSanitize the SFF/EFF CAN ID values before performing the address checks."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: isotp: sanitize CAN ID checks in isotp_bind() Syzbot creó un entorno que condujo a un estado de máquina de estados al que no se puede acceder con una configuración de dirección CAN ID compatible. La información de dirección proporcionada consistía en CAN ID 0x6000001 y 0xC28001, que se reducen a 11 bits CAN ID 0x001 en envío y recepción. Sanitize los valores SFF/EFF CAN ID antes de realizar las comprobaciones de dirección."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10","versionEndExcluding":"5.10.110","matchCriteriaId":"82C11719-A3ED-44AA-A1F9-7C33D4423A54"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.33","matchCriteriaId":"27C42AE8-B387-43E2-938A-E1C8B40BE6D5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"5.16.19","matchCriteriaId":"20C43679-0439-405A-B97F-685BEE50613B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"5.17.2","matchCriteriaId":"210C679C-CF84-44A3-8939-E629C87E54BF"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3ea566422cbde9610c2734980d1286ab681bb40e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7b4652fc71dcec043977a6def80ef5034c913615","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cf522d741f5301223cc94b978eb1603c7590d65e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d72866a7f5326160d2a9d945a33eb6ef1883e25d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f343dbe82314ab457153c9afd970be4e9e553020","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}