CVE-2022-50497Out-of-bounds Read in Linux

CWE-125Out-of-bounds ReadCWE-681Incorrect Conversion between Numeric Types5 documents5 sources
Severity
7.1HIGHNVD
EPSS
0.0%
top 97.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 4

Description

In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: fix shift-out-of-bounds in check_special_flags UBSAN reported a shift-out-of-bounds warning: left shift of 1 by 31 places cannot be represented in type 'int' Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x8d/0xcf lib/dump_stack.c:106 ubsan_epilogue+0xa/0x44 lib/ubsan.c:151 __ubsan_handle_shift_out_of_bounds+0x1e7/0x208 lib/ubsan.c:322 check_special_flags fs/binfmt_misc.c:241 [inline] crea

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages4 packages

NVDlinux/linux_kernel2.6.12.14.9.337+8
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac20f1a48994b3e516d5c7fd5d12204fdba7a604771+9
debiandebian/linux< linux 6.1.4-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-vwgj-v875-v924: In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: fix shift-out-of-bounds in check_special_flags UBSAN reported a shi2025-10-04
OSV
CVE-2022-50497: In the Linux kernel, the following vulnerability has been resolved: binfmt_misc: fix shift-out-of-bounds in check_special_flags UBSAN reported a shift2025-10-04

📋Vendor Advisories

2
Red Hat
kernel: binfmt_misc: fix shift-out-of-bounds in check_special_flags2025-10-04
Debian
CVE-2022-50497: linux - In the Linux kernel, the following vulnerability has been resolved: binfmt_misc...2022