
CVE-2022-50080

In the Linux kernel, the following vulnerability has been resolved:

tee: add overflow check in register_shm_helper()

With special lengths supplied by user space, register_shm_helper() has
an integer overflow when calculating the number of pages covered by a
supplied user space memory region.

This causes internal_get_user_pages_fast(), a helper function of
pin_user_pages_fast(), to do a NULL pointer dereference:

  Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010
  Modules linked in:
  CPU: 1 PID: 173 Comm: optee_example_a Not tainted 5.19.0 #11
  Hardware name: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015
  pc : internal_get_user_pages_fast+0x474/0xa80
  Call trace:
   internal_get_user_pages_fast+0x474/0xa80
   pin_user_pages_fast+0x24/0x4c
   register_shm_helper+0x194/0x330
   tee_shm_register_user_buf+0x78/0x120
   tee_ioctl+0xd0/0x11a0
   __arm64_sys_ioctl+0xa8/0xec
   invoke_syscall+0x48/0x114

Fix this by adding an explicit call to access_ok() in
tee_shm_register_user_buf() to catch an invalid user space address
early.
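
A user-space model of the arithmetic described above, added here as an illustration; it is not the kernel's code. The page size, the address-space limit and all function names are assumptions, and the range test only imitates the purpose of access_ok().

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed values for this model; real kernels differ per architecture. */
#define MODEL_PAGE_SIZE 4096ULL
#define MODEL_USER_LIMIT (1ULL << 48)

/* Pages covered by [addr, addr+len), computed without any range check.
 * addr + len wraps modulo 2^64, so a huge len can yield a tiny count. */
static uint64_t naive_num_pages(uint64_t addr, uint64_t len)
{
    uint64_t mask = MODEL_PAGE_SIZE - 1;
    uint64_t start = addr & ~mask;
    uint64_t end = (addr + len + mask) & ~mask;   /* may wrap */
    return (end - start) / MODEL_PAGE_SIZE;
}

/* Overflow-safe range test in the spirit of access_ok(): it never adds
 * addr and len, so the comparison itself cannot wrap. */
static bool user_range_ok(uint64_t addr, uint64_t len)
{
    return len <= MODEL_USER_LIMIT && addr <= MODEL_USER_LIMIT - len;
}

/* Hypothetical hardened wrapper: validate first, count pages second. */
static int checked_num_pages(uint64_t addr, uint64_t len, uint64_t *out)
{
    if (!user_range_ok(addr, len))
        return -1;                 /* stands in for -EFAULT */
    *out = naive_num_pages(addr, len);
    return 0;
}

int main(void)
{
    /* Constructed sample inputs: one ordinary buffer, one wrapping length. */
    uint64_t addr = 0x10000, lens[] = { 8192, UINT64_MAX }, n;
    for (int i = 0; i < 2; i++) {
        printf("len=%#llx naive=%llu ", (unsigned long long)lens[i],
               (unsigned long long)naive_num_pages(addr, lens[i]));
        if (checked_num_pages(addr, lens[i], &n) == 0)
            printf("checked=%llu\n", (unsigned long long)n);
        else
            printf("checked=rejected\n");
    }
    return 0;
}
```

The unchecked count for the wrapping length collapses to 0 pages even though the requested region is nearly the whole address space, while the range test rejects it before any page arithmetic runs.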

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default status: affected

Version                                        Status
4.16                                           affected
from 0, before 4.16                            unaffected
from 4.19.256, up to and including 4.19.*      unaffected
from 5.4.211, up to and including 5.4.*        unaffected
from 5.10.137, up to and including 5.10.*      unaffected
from 5.15.62, up to and including 5.15.*       unaffected
from 5.18.19, up to and including 5.18.*       unaffected
from 5.19.3, up to and including 5.19.*        unaffected
from 6.0, up to and including *                unaffected
No CISA KEV or CERT.AT warning was found for this CVE.

EPSS metrics
Type   Source      Score   Percentile
EPSS   FIRST.org   0.04%   0.094

CVSS metrics
Source   Base Score   Exploit Score   Impact Score   Vector String