CVE-2022-50575: Linux vulnerability

6 documents, 5 sources
Severity: 3.3 LOW (no vector)
EPSS: 0.0% (top 88.01%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 22

Description

In the Linux kernel, the following vulnerability has been resolved:

xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()

As 'kdata.num' is user-controlled data, if user tries to allocate memory larger than (>=) MAX_ORDER, then kcalloc() will fail, it creates a stack trace and messes up dmesg with a warning.

Call trace:
-> privcmd_ioctl
--> privcmd_ioctl_mmap_resource

Add __GFP_NOWARN in order to avoid too large allocation warning. This is detected by static analysis using smat

Affected Packages: 4 packages

Linux | linux/linux_kernel | 4.18.0 | 4.19.270 | +5
Debian | linux/linux_kernel | < 5.10.178-1 | +3
CVEListV5 | linux/linux | 3ad0876554cafa368f574d4d408468510543e9ff | 5d68ae32d132ea2af73bc223fd64c46f85302a8b | +7
debian | debian/linux | < linux 6.1.4-1 (bookworm)

🔴 Vulnerability Details: 3

OSV (2025-10-22): xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
OSV (2025-10-22): CVE-2022-50575: In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource() As 'kdata
GHSA (2025-10-22): GHSA-jhf6-8mmm-jxfr: In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource() As 'kdata

📋 Vendor Advisories: 2

Red Hat (2025-10-22): kernel: xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
Debian (2022): CVE-2022-50575: linux - In the Linux kernel, the following vulnerability has been resolved: xen/privcmd...