CVE-2022-49749

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Mar 27, 2025
Updated: Apr 14, 2025
CWE ID 190

Summary

CVE-2022-49749 is a vulnerability affecting the Linux kernel's i2c subsystem, specifically the designware driver. The functions i2c_dw_scl_lcnt() and i2c_dw_scl_hcnt() can overflow when performing clock multiplication: when the ic_clk parameter is larger than one million, the 32-bit multiplication overflows. To mitigate this issue, developers should cast the ic_clk parameter to u64 prior to the multiplication operation and utilize the corresponding define for division.
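A simplified model of the overflow and of the widening fix described above, added here as an illustration and not taken from the kernel source. The function names, the SCL_DIVISOR name, the rounding form, the kHz/ns units and the sample values are all assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical name for the divisor; stands in for the define the summary mentions. */
#define SCL_DIVISOR 1000000ULL

/* Pre-fix shape: the product is formed in 32 bits and wraps modulo 2^32. */
uint32_t scl_cnt_u32(uint32_t ic_clk, uint32_t t_ns)
{
    return (ic_clk * t_ns + 500000u) / 1000000u;
}

/* Post-fix shape: ic_clk is widened to 64 bits before the multiplication. */
uint32_t scl_cnt_u64(uint32_t ic_clk, uint32_t t_ns)
{
    uint64_t prod = (uint64_t)ic_clk * t_ns;
    return (uint32_t)((prod + SCL_DIVISOR / 2) / SCL_DIVISOR);
}

/* Audit helper: returns 1 if the 32-bit product would lose high bits. */
int scl_mul_overflows(uint32_t ic_clk, uint32_t t_ns)
{
    return (uint64_t)ic_clk * t_ns > UINT32_MAX;
}

int main(void)
{
    /* Constructed inputs: clock rate (assumed kHz) and a timing value (assumed ns). */
    const uint32_t clocks[] = { 100000u, 1000000u };
    const uint32_t t_ns = 4700u;

    for (size_t i = 0; i < sizeof(clocks) / sizeof(clocks[0]); i++) {
        printf("ic_clk=%u wraps=%d u32=%u u64=%u\n",
               clocks[i], scl_mul_overflows(clocks[i], t_ns),
               scl_cnt_u32(clocks[i], t_ns), scl_cnt_u64(clocks[i], t_ns));
    }
    return 0;
}
```

With the larger clock value the 32-bit version returns a plausible-looking but wrong count, which is why the defect shows up as incorrect bus timing and not as a crash.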
