CVE-2022-50749 — Integer Overflow or Wraparound in Linux

CWE-190 — Integer Overflow or Wraparound7 documents6 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 84.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encode_comp_t() The integer overflow is descripted with following codes: > 317 static comp_t encode_comp_t(u64 value) > 318 { > 319 int exp, rnd; ...... > 341 exp 342 exp += value; > 343 return exp; > 344 } Currently comp_t is defined as type of '__u16', but the variable 'exp' is type of 'int', so overflow would happen when variable 'exp' in line 343 is greater than 65535.

Affected Packages4 packages

▶Linuxlinux/linux_kernel2.6.12 — 4.9.337+7

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 — e93f995a591c352d35d89c518c54f790e1537754+9

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

OSV

acct: fix potential integer overflow in encode_comp_t()↗2025-12-24

▶

OSV

CVE-2022-50749: In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encode_comp_t() The integer overflow is de↗2025-12-24

▶

GHSA

GHSA-xpg5-5j2p-2g3r: In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encode_comp_t() The integer overflow is↗2025-12-24

▶

📋Vendor Advisories

Red Hat

kernel: acct: fix potential integer overflow in encode_comp_t()↗2025-12-24

▶

Debian

CVE-2022-50749: linux - In the Linux kernel, the following vulnerability has been resolved: acct: fix p...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50749 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶