{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-49143", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "REJECTED", "assignerShortName": "Linux", "dateReserved": "2025-02-26T01:49:39.269Z", "datePublished": "2025-02-26T01:55:13.332Z", "dateUpdated": "2025-02-26T14:56:03.171Z", "dateRejected": "2025-02-26T14:56:03.171Z"}, "containers": {"cna": {"rejectedReasons": [{"lang": "en", "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-02-26T14:56:03.171Z"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}], "id": "CVE-2022-49143", "lastModified": "2025-02-26T15:15:15.857", "metrics": {}, "published": "2025-02-26T07:00:51.513", "references": [], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Rejected"}

{"bugzilla": {"description": "kernel: nbd: fix possible overflow on 'first_minor' in nbd_dev_add()", "id": "2347893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347893"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-190", "details": ["A vulnerability was found in the Linux kernel's Network Block Device (NBD) subsystem. The issue involved a potential integer overflow in the nbd_dev_add() function, where large values of the index parameter could lead to incorrect calculations of the first_minor value. This miscalculation may result in the creation of duplicate device entries in the sysfs filesystem, causing system instability or other unintended behaviors."], "name": "CVE-2022-49143", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-02-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-49143\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49143\nhttps://lore.kernel.org/linux-cve-announce/2025022607-CVE-2022-49143-d2d8@gregkh/T"], "statement": "This CVE has since been rejected by its CVE Numbering Authority (CNA), kernel.org. According to the National Vulnerability Database (NVD), the rejection indicates that the CVE ID has been withdrawn and should not be used as a reference for this issue.", "threat_severity": "Moderate"}