CVE-2022-50399

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: atomisp: prevent integer overflow in sh_css_set_black_frame()

The "height" and "width" values come from the user so the "height * width" multiplication can overflow.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa49d25364dfb9f8a64037488a39ab1f56c5fa419 < 51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654affected
LinuxLinuxad85094b293e40e7a2f831b0311a389d952ebd5e < a560aeac2f2d284903b5900774765d7fc61547bcaffected
LinuxLinuxad85094b293e40e7a2f831b0311a389d952ebd5e < a549517e4b761f3940011db30320cb8c9badde54affected
LinuxLinuxad85094b293e40e7a2f831b0311a389d952ebd5e < 3ad290194bb06979367622e47357462836c1d3b4affected
LinuxLinux4.12affected
LinuxLinux5.8affected
LinuxLinux0 < 4.12unaffected
LinuxLinux4.18 < 5.8unaffected
LinuxLinux5.15.77 <= 5.15.*unaffected
LinuxLinux6.0.7 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References