7.8
CVE-2022-50030
- EPSS 0.19%
- Veröffentlicht 18.06.2025 11:01:33
- Zuletzt bearbeitet 13.11.2025 19:31:31
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffer overflow crashes. Adapt input string lengths to fit within internal buffers, leaving space for NULL terminators.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.4.211
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.138
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.63
Linux ≫ Linux Kernel Version >= 5.16 < 5.19.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.083 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
https://git.kernel.org/stable/c/927907f1cbb3408cadde637fccfc17bb6b10a87d
https://git.kernel.org/stable/c/c29a4baaad38a332c0ae480cf6d6c5bf75ac1828
https://git.kernel.org/stable/c/b92506dc51f81741eb26609175ac206c20f06e0a
https://git.kernel.org/stable/c/2d544e9d19c109dfe34b3dc1253a8b2971abe060
https://git.kernel.org/stable/c/f8191d40aa612981ce897e66cda6a88db8df17bb