CVE-2022-50623

Summary

In the Linux kernel, the following vulnerability has been resolved:

fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()

The "hdr.count * sizeof(s32)" multiplication can overflow on 32 bit systems leading to memory corruption. Use array_size() to fix that.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux322b598be4d9b9090cda560c4caab78704615ab4 < f59861946fa51bcc1f305809e4ebc1013b0ee61caffected
LinuxLinux322b598be4d9b9090cda560c4caab78704615ab4 < b94605f5cb99e90c8ca91523597a40e1bd59546baffected
LinuxLinux322b598be4d9b9090cda560c4caab78704615ab4 < 1b5a931594f7ffd26d706614c37d4da0f2ffb6e7affected
LinuxLinux322b598be4d9b9090cda560c4caab78704615ab4 < 940253af8b3865b76de8d1b46bcd4a700104852eaffected
LinuxLinux322b598be4d9b9090cda560c4caab78704615ab4 < 939bc5453b8cbdde9f1e5110ce8309aedb1b501aaffected
LinuxLinux5.9affected
LinuxLinux0 < 5.9unaffected
LinuxLinux5.10.150 <= 5.10.*unaffected
LinuxLinux5.15.75 <= 5.15.*unaffected
LinuxLinux5.19.17 <= 5.19.*unaffected
LinuxLinux6.0.3 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References