-

CVE-2022-50156

EPSS 0.05%
Veröffentlicht 18.06.2025 11:03:13
Zuletzt bearbeitet 18.06.2025 13:47:40
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

HID: cp2112: prevent a buffer overflow in cp2112_xfer()

Smatch warnings:
drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy()
'data->block[1]' too small (33 vs 255)
drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() 'buf' too
small (64 vs 255)

The 'read_length' variable is provided by 'data->block[0]' which comes
from user and it(read_length) can take a value between 0-255. Add an
upper bound to 'read_length' variable to prevent a buffer overflow in
memcpy().

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 3af7d60e9a6c17d6d41c4341f8020511887d372d

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < 519ff31a6ddd87aa4905bd9bf3b92e8b88801614

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < ebda3d6b004bb6127a66a616524a2de152302ca7

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < 8489a20ac481b08c0391608d81ed3796d373cfdf

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < e7028944e61014ae915e7fb74963d3835f2f761a

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < 26e427ac85c2b8d0d108cc80b6de34d33e2780c4

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < 381583845d19cb4bd21c8193449385f3fefa9caf

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.15

Status affected

Version < 4.15

Version 0

Status unaffected

Version <= 4.19.*

Version 4.19.256

Status unaffected

Version <= 5.4.*

Version 5.4.211

Status unaffected

Version <= 5.10.*

Version 5.10.137

Status unaffected

Version <= 5.15.*

Version 5.15.61

Status unaffected

Version <= 5.18.*

Version 5.18.18

Status unaffected

Version <= 5.19.*

Version 5.19.2

Status unaffected

Version <= *

Version 6.0

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.131

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/3af7d60e9a6c17d6d41c4341f8020511887d372d

https://git.kernel.org/stable/c/519ff31a6ddd87aa4905bd9bf3b92e8b88801614

https://git.kernel.org/stable/c/ebda3d6b004bb6127a66a616524a2de152302ca7

https://git.kernel.org/stable/c/8489a20ac481b08c0391608d81ed3796d373cfdf

https://git.kernel.org/stable/c/e7028944e61014ae915e7fb74963d3835f2f761a

https://git.kernel.org/stable/c/26e427ac85c2b8d0d108cc80b6de34d33e2780c4

https://git.kernel.org/stable/c/381583845d19cb4bd21c8193449385f3fefa9caf

https://nvd.nist.gov/vuln/detail/CVE-2022-50156

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50156

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50156

EUVD