-

CVE-2022-50575

EPSS 0.04%
Veröffentlicht 22.10.2025 13:23:29
Zuletzt bearbeitet 22.10.2025 21:12:48
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()

As 'kdata.num' is user-controlled data, if user tries to allocate
memory larger than(>=) MAX_ORDER, then kcalloc() will fail, it
creates a stack trace and messes up dmesg with a warning.

Call trace:
-> privcmd_ioctl
--> privcmd_ioctl_mmap_resource

Add __GFP_NOWARN in order to avoid too large allocation warning.
This is detected by static analysis using smatch.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 5d68ae32d132ea2af73bc223fd64c46f85302a8b

Version 3ad0876554cafa368f574d4d408468510543e9ff

Status affected

Version < 4f983ee5e5de924d93a7bbb4e6f68f38c6256cd5

Version 3ad0876554cafa368f574d4d408468510543e9ff

Status affected

Version < 46026bb057c35f5bb111bf95e00cd8366d2e34d4

Version 3ad0876554cafa368f574d4d408468510543e9ff

Status affected

Version < 0bf874183b32eae2cc20e3c5be38ec3d33e7e564

Version 3ad0876554cafa368f574d4d408468510543e9ff

Status affected

Version < e0c5f1058ed96f2b7487560c4c4cbd768d13d065

Version 3ad0876554cafa368f574d4d408468510543e9ff

Status affected

Version < 4da411086f5ab32f811a89ef804980ec106ebb65

Version 3ad0876554cafa368f574d4d408468510543e9ff

Status affected

Version < 8b997b2bb2c53b76a6db6c195930e9ab8e4b0c79

Version 3ad0876554cafa368f574d4d408468510543e9ff

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.18

Status affected

Version < 4.18

Version 0

Status unaffected

Version <= 4.19.*

Version 4.19.270

Status unaffected

Version <= 5.4.*

Version 5.4.229

Status unaffected

Version <= 5.10.*

Version 5.10.163

Status unaffected

Version <= 5.15.*

Version 5.15.86

Status unaffected

Version <= 6.0.*

Version 6.0.16

Status unaffected

Version <= 6.1.*

Version 6.1.2

Status unaffected

Version <= *

Version 6.2

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.096

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/5d68ae32d132ea2af73bc223fd64c46f85302a8b

https://git.kernel.org/stable/c/4f983ee5e5de924d93a7bbb4e6f68f38c6256cd5

https://git.kernel.org/stable/c/46026bb057c35f5bb111bf95e00cd8366d2e34d4

https://git.kernel.org/stable/c/0bf874183b32eae2cc20e3c5be38ec3d33e7e564

https://git.kernel.org/stable/c/e0c5f1058ed96f2b7487560c4c4cbd768d13d065

https://git.kernel.org/stable/c/4da411086f5ab32f811a89ef804980ec106ebb65

https://git.kernel.org/stable/c/8b997b2bb2c53b76a6db6c195930e9ab8e4b0c79

https://nvd.nist.gov/vuln/detail/CVE-2022-50575

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50575

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50575

EUVD