CVE-2022-50763: Linux vulnerability

7 documents, 6 sources
Severity: N/A (No vector)
EPSS: 0.0% (top 92.57%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 24

Description

In the Linux kernel, the following vulnerability has been resolved:

crypto: marvell/octeontx - prevent integer overflows

The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to limit the damage as much as possible. Also Smatch marks any data read from the filesystem as untrusted and prints warnings if it is not capped correctly.

The "code_length * 2" can overflow. The round_up(

Affected Packages (4 packages)

Linux: linux/linux_kernel, 5.7.0, 5.10.150 (+3)
Debian: linux/linux_kernel, < 5.10.158-1 (+3)
CVEListV5: linux/linux, d9110b0b01ff1cd02751cd5c2c94e938a8906083, 7bfa7d67735381715c98091194e81e7685f9b7db (+5)
debian: debian/linux, < linux 6.0.3-1 (bookworm)

🔴 Vulnerability Details (3)

GHSA (2025-12-24): GHSA-xp8v-ff5g-65c6: In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "code_length" value com
OSV (2025-12-24): CVE-2022-50763: In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "code_length" value comes
OSV (2025-12-24): crypto: marvell/octeontx - prevent integer overflows

📋 Vendor Advisories (2)

Red Hat (2025-12-24): kernel: crypto: marvell/octeontx - prevent integer overflows
Debian (2022): CVE-2022-50763: linux - In the Linux kernel, the following vulnerability has been resolved: crypto: mar...

🕵️ Threat Intelligence (1)

Wiz: CVE-2022-50763 Impact, Exploitability, and Mitigation Steps | Wiz