CVE-2022-50394Out-of-bounds Read in Linux

CWE-125Out-of-bounds ReadCWE-787Out-of-bounds Write5 documents5 sources
Severity
7.1HIGHNVD
EPSS
0.0%
top 96.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 18

Description

In the Linux kernel, the following vulnerability has been resolved: i2c: ismt: Fix an out-of-bounds bug in ismt_access() When the driver does not check the data from the user, the variable 'data->block[0]' may be very large to cause an out-of-bounds bug. The following log can reveal it: [ 33.995542] i2c i2c-1: ioctl, cmd=0x720, arg=0x7ffcb3dc3a20 [ 33.995978] ismt_smbus 0000:00:05.0: I2C_SMBUS_BLOCK_DATA: WRITE [ 33.996475] ================================================================== [

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages4 packages

NVDlinux/linux_kernel3.94.9.337+7
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linux13f35ac14cd0a9a1c4f0034c4c40d0ae98844ce94a7bb1d93addb2f67e36fed00a53cb7f270d7b7a+9
debiandebian/linux< linux 6.1.4-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2022-50394: In the Linux kernel, the following vulnerability has been resolved: i2c: ismt: Fix an out-of-bounds bug in ismt_access() When the driver does not chec2025-09-18
GHSA
GHSA-2wfh-xv6f-6623: In the Linux kernel, the following vulnerability has been resolved: i2c: ismt: Fix an out-of-bounds bug in ismt_access() When the driver does not ch2025-09-18

📋Vendor Advisories

2
Red Hat
kernel: i2c: ismt: Fix an out-of-bounds bug in ismt_access()2025-09-18
Debian
CVE-2022-50394: linux - In the Linux kernel, the following vulnerability has been resolved: i2c: ismt: ...2022
CVE-2022-50394 — Out-of-bounds Read in Linux | cvebase