CVE-2022-50307

EPSS 0.02%
Veröffentlicht 15.09.2025 14:46:02
Zuletzt bearbeitet 15.09.2025 15:22:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

s390/cio: fix out-of-bounds access on cio_ignore free

The channel-subsystem-driver scans for newly available devices whenever
device-IDs are removed from the cio_ignore list using a command such as:

  echo free >/proc/cio_ignore

Since an I/O device scan might interfer with running I/Os, commit
172da89ed0ea ("s390/cio: avoid excessive path-verification requests")
introduced an optimization to exclude online devices from the scan.

The newly added check for online devices incorrectly assumes that
an I/O-subchannel's drvdata points to a struct io_subchannel_private.
For devices that are bound to a non-default I/O subchannel driver, such
as the vfio_ccw driver, this results in an out-of-bounds read access
during each scan.

Fix this by changing the scan logic to rely on a driver-independent
online indication. For this we can use struct subchannel->config.ena,
which is the driver's requested subchannel-enabled state. Since I/Os
can only be started on enabled subchannels, this matches the intent
of the original optimization of not scanning devices where I/O might
be running.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 0e501fd0f38e42304bfa0d46a812d93f80294a87

Version 172da89ed0eaf9d9348f5decb86ad04c624b39d1

Status affected

Version < 106ab66cf5467726ca5ead51623043d37c06820a

Version 172da89ed0eaf9d9348f5decb86ad04c624b39d1

Status affected

Version < 1b6074112742f65ece71b0f299ca5a6a887d2db6

Version 172da89ed0eaf9d9348f5decb86ad04c624b39d1

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.15

Status affected

Version < 5.15

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.78

Status unaffected

Version <= 6.0.*

Version 6.0.7

Status unaffected

Version <= *

Version 6.1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.043

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/0e501fd0f38e42304bfa0d46a812d93f80294a87

https://git.kernel.org/stable/c/106ab66cf5467726ca5ead51623043d37c06820a

https://git.kernel.org/stable/c/1b6074112742f65ece71b0f299ca5a6a887d2db6

https://nvd.nist.gov/vuln/detail/CVE-2022-50307

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50307

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50307

EUVD