CVE-2022-50876 — Linux vulnerability

7 documents6 sources

Severity

—N/A

No vector

EPSS

0.0%

top 84.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix musb_gadget.c rxstate overflow bug The usb function device call musb_gadget_queue() adds the passed request to musb_ep::req_list,If the (request->length > musb_ep->packet_sz) and (is_buffer_mapped(req) return false),the rxstate() will copy all data in fifo to request->buf which may cause request->buf out of bounds. Fix it by add the length check : fifocnt = min_t(unsigned, request->length - request->actual, fif…

Affected Packages4 packages

▶Linuxlinux/linux_kernel4.3.0 — 4.9.331+7

▶Debianlinux/linux_kernel< 5.10.158-1+3

▶CVEListV5linux/linux03840fad004ce8a56bc8b3bb60a2df10f6f9481e — 826f84ab04a5cafe484ea9c2c85a3930068e5cb7+9

▶debiandebian/linux< linux 6.0.3-1 (bookworm)

🔴Vulnerability Details

OSV

usb: musb: Fix musb_gadget.c rxstate overflow bug↗2025-12-30

▶

GHSA

GHSA-6h2f-jvv5-3x53: In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix musb_gadget↗2025-12-30

▶

OSV

CVE-2022-50876: In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix musb_gadget↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: usb: musb: Fix musb_gadget.c rxstate overflow bug↗2025-12-30

▶

Debian

CVE-2022-50876: linux - In the Linux kernel, the following vulnerability has been resolved: usb: musb: ...↗2022

▶

🕵️Threat Intelligence

Wiz

CVE-2022-50876 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶