CVE-2022-50733Access of Uninitialized Pointer in Linux

CWE-824Access of Uninitialized Pointer7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 84.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset label. However, this leads to the data in bulk_in_buffer[HEADER..IMGSIZE] uninitialized. And the check for valid image incurs an uninitialized dereference. Fix this by moving the check before reset label since this check only be valid if the data after bulk_in_buffer[HEADER] has concrete data. Note th

Affected Packages4 packages

Linuxlinux/linux_kernel2.6.134.9.331+7
Debianlinux/linux_kernel< 5.10.158-1+3
CVEListV5linux/linux4244f72436ab77c3c29a6447af81734ab3925d85b3304a6df957cc89a0590cb505388d659bf3db4c+9
debiandebian/linux< linux 6.0.3-1 (bookworm)

🔴Vulnerability Details

3
OSV
usb: idmouse: fix an uninit-value in idmouse_open2025-12-24
GHSA
GHSA-3qmv-4mq3-fcr8: In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if an2025-12-24
OSV
CVE-2022-50733: In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: usb: idmouse: fix an uninit-value in idmouse_open2025-12-24
Debian
CVE-2022-50733: linux - In the Linux kernel, the following vulnerability has been resolved: usb: idmous...2022

🕵️Threat Intelligence

1
Wiz
CVE-2022-50733 Impact, Exploitability, and Mitigation Steps | Wiz