CVE-2022-50849: Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux

Severity: 5.9 MEDIUM (No vector)
EPSS: 0.0% (top 84.94%)
CISA KEV: Not in KEV
Exploit: No known exploits
Published: Dec 30

Description

In the Linux kernel, the following vulnerability has been resolved:

pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP

An oops can be induced by running 'cat /proc/kcore > /dev/null' on devices using pstore with the ram backend because kmap_atomic() assumes lowmem pages are accessible with __va().

    Unable to handle kernel paging request at virtual address ffffff807ff2b000
    Mem abort info:
      ESR = 0x96000006
      EC = 0x25: DABT (current EL), IL = 32 bits
      SET = 0, FnV = 0
      EA = 0, S1PTW = 0
      FSC = 0x0

Affected Packages (4 packages)

Linux: linux/linux_kernel, 3.4.0, 4.9.337, +7
Debian: linux/linux_kernel, < 5.10.178-1, +3
CVEListV5: linux/linux, 404a6043385de17273624b076599669db5ad891f, 1579bed1613802a323a1e14567faa95c149e105e, +9
debian: debian/linux, < linux 6.1.4-1 (bookworm)

🔴 Vulnerability Details (3)

OSV: CVE-2022-50849: In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP An oops can be induced by ru (2025-12-30)
GHSA: GHSA-pm3x-6f4f-jm2x: In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP An oops can be induced by (2025-12-30)
OSV: pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (2025-12-30)

📋 Vendor Advisories (2)

Red Hat: kernel: pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP (2025-12-30)
Debian: CVE-2022-50849: linux - In the Linux kernel, the following vulnerability has been resolved: pstore: Avo... (2022)

🕵️ Threat Intelligence (1)

Wiz: CVE-2022-50849 Impact, Exploitability, and Mitigation Steps | Wiz