CVE-2022-50169

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()

The simple_write_to_buffer() function will succeed if even a single byte is initialized. However, we need to initialize the whole buffer to prevent information leaks. Just use memdup_user().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxff974e4083341383d3dd4079e52ed30f57f376f0 < c1216e699a1ce83ea005510844bd7508d34c6cefaffected
LinuxLinuxff974e4083341383d3dd4079e52ed30f57f376f0 < 4615458db7793fadc6d546ac3564b36819e77a22affected
LinuxLinuxff974e4083341383d3dd4079e52ed30f57f376f0 < 60c9983425167ec5073c628d83a6875760d18059affected
LinuxLinuxff974e4083341383d3dd4079e52ed30f57f376f0 < 05ceda14ef7c73104e709c414c3680d8a59f51d4affected
LinuxLinuxff974e4083341383d3dd4079e52ed30f57f376f0 < 074e865b37da55aa87baa16d68b96896f85f8adbaffected
LinuxLinuxff974e4083341383d3dd4079e52ed30f57f376f0 < 789edc1af9c1a2293956e8534bfef3d18d629de9affected
LinuxLinuxff974e4083341383d3dd4079e52ed30f57f376f0 < 67470920cd3f3cb38699b1ad23234f96bead4d21affected
LinuxLinuxff974e4083341383d3dd4079e52ed30f57f376f0 < 7a4836560a6198d245d5732e26f94898b12eb760affected
LinuxLinux3.17affected
LinuxLinux0 < 3.17unaffected
LinuxLinux4.14.291 <= 4.14.*unaffected
LinuxLinux4.19.256 <= 4.19.*unaffected
LinuxLinux5.4.211 <= 5.4.*unaffected
LinuxLinux5.10.137 <= 5.10.*unaffected
LinuxLinux5.15.61 <= 5.15.*unaffected
LinuxLinux5.18.18 <= 5.18.*unaffected
LinuxLinux5.19.2 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References