-

CVE-2022-50763

EPSS 0.03%
Veröffentlicht 24.12.2025 13:05:54
Zuletzt bearbeitet 29.12.2025 15:58:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

crypto: marvell/octeontx - prevent integer overflows

The "code_length" value comes from the firmware file.  If your firmware
is untrusted realistically there is probably very little you can do to
protect yourself.  Still we try to limit the damage as much as possible.
Also Smatch marks any data read from the filesystem as untrusted and
prints warnings if it not capped correctly.

The "code_length * 2" can overflow.  The round_up(ucode_size, 16) +
sizeof() expression can overflow too.  Prevent these overflows.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 8

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 7bfa7d67735381715c98091194e81e7685f9b7db

Version d9110b0b01ff1cd02751cd5c2c94e938a8906083

Status affected

Version < 12acfa1059ad69aa352ddb2bf23ba1b831aff15f

Version d9110b0b01ff1cd02751cd5c2c94e938a8906083

Status affected

Version < 8f5eee162e55175d9dac98b5e9b8da76449d2257

Version d9110b0b01ff1cd02751cd5c2c94e938a8906083

Status affected

Version < e7ff7a46baafd38d7ed45604397e650d61f5db8d

Version d9110b0b01ff1cd02751cd5c2c94e938a8906083

Status affected

Version < caca37cf6c749ff0303f68418cfe7b757a4e0697

Version d9110b0b01ff1cd02751cd5c2c94e938a8906083

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.7

Status affected

Version < 5.7

Version 0

Status unaffected

Version <= 5.10.*

Version 5.10.150

Status unaffected

Version <= 5.15.*

Version 5.15.75

Status unaffected

Version <= 5.19.*

Version 5.19.17

Status unaffected

Version <= 6.0.*

Version 6.0.3

Status unaffected

Version <= *

Version 6.1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.065

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/7bfa7d67735381715c98091194e81e7685f9b7db

https://git.kernel.org/stable/c/12acfa1059ad69aa352ddb2bf23ba1b831aff15f

https://git.kernel.org/stable/c/8f5eee162e55175d9dac98b5e9b8da76449d2257

https://git.kernel.org/stable/c/e7ff7a46baafd38d7ed45604397e650d61f5db8d

https://git.kernel.org/stable/c/caca37cf6c749ff0303f68418cfe7b757a4e0697

https://nvd.nist.gov/vuln/detail/CVE-2022-50763

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50763

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50763

EUVD