CVE-2022-50399
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
media: atomisp: prevent integer overflow in sh_css_set_black_frame()
The "height" and "width" values come from the user so the "height * width" multiplication can overflow.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | a49d25364dfb9f8a64037488a39ab1f56c5fa419 < 51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654 | affected |
| Linux | Linux | ad85094b293e40e7a2f831b0311a389d952ebd5e < a560aeac2f2d284903b5900774765d7fc61547bc | affected |
| Linux | Linux | ad85094b293e40e7a2f831b0311a389d952ebd5e < a549517e4b761f3940011db30320cb8c9badde54 | affected |
| Linux | Linux | ad85094b293e40e7a2f831b0311a389d952ebd5e < 3ad290194bb06979367622e47357462836c1d3b4 | affected |
| Linux | Linux | 4.12 | affected |
| Linux | Linux | 5.8 | affected |
| Linux | Linux | 0 < 4.12 | unaffected |
| Linux | Linux | 4.18 < 5.8 | unaffected |
| Linux | Linux | 5.15.77 <= 5.15.* | unaffected |
| Linux | Linux | 6.0.7 <= 6.0.* | unaffected |
| Linux | Linux | 6.1 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654
- https://git.kernel.org/stable/c/a560aeac2f2d284903b5900774765d7fc61547bc
- https://git.kernel.org/stable/c/a549517e4b761f3940011db30320cb8c9badde54
- https://git.kernel.org/stable/c/3ad290194bb06979367622e47357462836c1d3b4
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.