CVE-2022-50867 — Linux vulnerability

7 documents6 sources

Severity

—N/A

No vector

EPSS

0.0%

top 92.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage adreno_show_object() is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kvmalloc/ kvfree(). Which means the data *passed* to it must be kvmalloc'd, ie. we cannot use the state_kcalloc() helper. This partially reverts commit ec8f1813bf8d ("drm/msm/a6xx: Replace kcalloc() with kvzalloc()"), but adds the missing kvfree()…

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.17.0 — 6.0.7

▶Debianlinux/linux_kernel< 6.0.7-1+2

▶CVEListV5linux/linuxb859f9b009bbfbc236d9b076c64c59ccb41b8737 — 4b1bbc0571a5d7ee10f754186dc3d619b9ced5c1+2

▶debiandebian/linux< linux 6.0.7-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2022-50867: In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage adreno_show_object() is a trap!↗2025-12-30

▶

OSV

drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage↗2025-12-30

▶

GHSA

GHSA-9wcr-h5vx-c3h9: In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage adreno_show_object() is a trap↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: drm/msm/a6xx: Replace kcalloc() with kvzalloc()↗2025-12-30

▶

Debian

CVE-2022-50867: linux - In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6x...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50867 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶