CVE-2022-50297Missing Standardized Error Handling Mechanism in Linux

CWE-544Missing Standardized Error Handling Mechanism4 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 96.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LinuxLinux Kernel
Timeline
PublishedSep 15

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usb_endpoints are present The bug arises when a USB device claims to be an ATH9K but doesn't have the expected endpoints. (In this case there was an interrupt endpoint where the driver expected a bulk endpoint.) The kernel needs to be able to handle such devices without getting an internal error. usb 1-1: BOGUS urb xfer, pipe 3 != type 1 WARNING: CPU: 3 PID: 500 at drivers/usb/core/urb.c:493 u

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

NVDlinux/linux_kernel2.6.354.9.337+7
Ubuntulinux/linux_kernel< 4.15.0-208.220+2
CVEListV5linux/linuxfb9987d0f748c983bb795a86f47522313f701a08932f0a5e829fb0b823f96d7fa9a0f4fc96660b77+9

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-875w-rw5x-m6vf: In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usb_endpoints are present The bug arises when a2025-09-15
OSV
CVE-2022-50297: In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: verify the expected usb_endpoints are present The bug arises when a U2025-09-15

📋Vendor Advisories

1
Red Hat
kernel: wifi: ath9k: verify the expected usb_endpoints are present2025-09-15
CVE-2022-50297 — Linux vulnerability | cvebase