-

CVE-2022-50156

EPSS 0.05%
Published 18.06.2025 11:03:13
Last modified 18.06.2025 13:47:40
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

HID: cp2112: prevent a buffer overflow in cp2112_xfer()

Smatch warnings:
drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy()
'data->block[1]' too small (33 vs 255)
drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() 'buf' too
small (64 vs 255)

The 'read_length' variable is provided by 'data->block[0]' which comes
from user and it(read_length) can take a value between 0-255. Add an
upper bound to 'read_length' variable to prevent a buffer overflow in
memcpy().

Affected products Warnungen 0 Metrics 1 CWE 0 References 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 3af7d60e9a6c17d6d41c4341f8020511887d372d

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < 519ff31a6ddd87aa4905bd9bf3b92e8b88801614

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < ebda3d6b004bb6127a66a616524a2de152302ca7

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < 8489a20ac481b08c0391608d81ed3796d373cfdf

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < e7028944e61014ae915e7fb74963d3835f2f761a

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < 26e427ac85c2b8d0d108cc80b6de34d33e2780c4

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

Version < 381583845d19cb4bd21c8193449385f3fefa9caf

Version 542134c0375b5ca2b1d18490c02b8a20bfdd8d74

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 4.15

Status affected

Version < 4.15

Version 0

Status unaffected

Version <= 4.19.*

Version 4.19.256

Status unaffected

Version <= 5.4.*

Version 5.4.211

Status unaffected

Version <= 5.10.*

Version 5.10.137

Status unaffected

Version <= 5.15.*

Version 5.15.61

Status unaffected

Version <= 5.18.*

Version 5.18.18

Status unaffected

Version <= 5.19.*

Version 5.19.2

Status unaffected

Version <= *

Version 6.0

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.131

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/3af7d60e9a6c17d6d41c4341f8020511887d372d

https://git.kernel.org/stable/c/519ff31a6ddd87aa4905bd9bf3b92e8b88801614

https://git.kernel.org/stable/c/ebda3d6b004bb6127a66a616524a2de152302ca7

https://git.kernel.org/stable/c/8489a20ac481b08c0391608d81ed3796d373cfdf

https://git.kernel.org/stable/c/e7028944e61014ae915e7fb74963d3835f2f761a

https://git.kernel.org/stable/c/26e427ac85c2b8d0d108cc80b6de34d33e2780c4

https://git.kernel.org/stable/c/381583845d19cb4bd21c8193449385f3fefa9caf

https://nvd.nist.gov/vuln/detail/CVE-2022-50156

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50156

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50156

EUVD