CVE-2022-50781 — Numeric Range Comparison Without Minimum Check in Linux

CWE-839 — Numeric Range Comparison Without Minimum Check7 documents6 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 89.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is capped at 2 but not checked for negative values so it results in an out of bounds read. This value comes from the user via sysfs.

Affected Packages4 packages

▶Linuxlinux/linux_kernel4.20.0 — 5.4.229+4

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linuxd5bf26539494d16dfabbbea0854a47d202ea15c0 — 4d3dc0de9c46d9f73be6bac026e40b893e37ea21+6

▶debiandebian/linux< linux 6.1.4-1 (bookworm)

🔴Vulnerability Details

OSV

amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()↗2025-12-24

▶

GHSA

GHSA-jqf8-w9mv-cm82: In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_E↗2025-12-24

▶

OSV

CVE-2022-50781: In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDI↗2025-12-24

▶

📋Vendor Advisories

Red Hat

kernel: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()↗2025-12-24

▶

Debian

CVE-2022-50781: linux - In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: ...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50781 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶