CVE-2022-50656 — Linux vulnerability

6 documents5 sources

Severity

—N/A

No vector

EPSS

0.1%

top 80.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfc_target before being used Fix a slab-out-of-bounds read that occurs in nla_put() called from nfc_genl_send_target() when target->sensb_res_len, which is duplicated from an nfc_target in pn533, is too large as the nfc_target is not properly initialized and retains garbage values. Clear nfc_targets with memset() before they are used. Found by a modified version of syzkaller. BUG: KASAN: slab-out-of-bounds …

Affected Packages4 packages

▶Linuxlinux/linux_kernel3.3.0 — 4.9.337+7

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linux361f3cb7f9cfdb82c80926d0e7843c098c034545 — 9da4a0411f3455e3885831d0758bee3e3d565bbc+9

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-fqj4-9qj3-355r: In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfc_target before being used Fix a slab-out-of-bounds read tha↗2025-12-09

▶

OSV

CVE-2022-50656: In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Clear nfc_target before being used Fix a slab-out-of-bounds read that↗2025-12-09

▶

OSV

nfc: pn533: Clear nfc_target before being used↗2025-12-09

▶

📋Vendor Advisories

Red Hat

kernel: nfc: pn533: Clear nfc_target before being used↗2025-12-09

▶

Debian

CVE-2022-50656: linux - In the Linux kernel, the following vulnerability has been resolved: nfc: pn533:...↗2022

▶