CVE-2022-50701: Incorrect Calculation of Buffer Size in Linux

Severity
6.3 MEDIUM
No vector
EPSS
0.0%
top 93.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Dec 24

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host

SDIO may need additional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. For low level operation, increase skb size to keep valid memory access in SDIO host.

Error message:
[69.951] BUG: KASAN: slab-out-of-bounds in sg_copy_buffer+0xe9/0x1a0
[69.951] Read of size 64 at addr ffff88811c9cf000 by

Affected Packages (4 packages)

Linux  linux/linux_kernel  5.16.0  6.1.16  +1
Debian  linux/linux_kernel  < 6.1.20-1  +2
CVEListV5  linux/linux  764dee47e2c1ed828c8a51cbf58f89b5e3ded11b  8b5174a7f25d03df0ffa171ff86de383a89e8e89  +3
debian  debian/linux  < linux 6.1.20-1 (bookworm)

🔴 Vulnerability Details (3)

GHSA
GHSA-9vm9-fqq4-5wqv: In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need ad (2025-12-24)
OSV
wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host (2025-12-24)
OSV
CVE-2022-50701: In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addt (2025-12-24)

📋 Vendor Advisories (2)

Red Hat
kernel: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host (2025-12-24)
Debian
CVE-2022-50701: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: mt76:... (2022)

🕵️ Threat Intelligence (1)

Wiz
CVE-2022-50701 Impact, Exploitability, and Mitigation Steps | Wiz