CVE-2022-50649

Summary

In the Linux kernel, the following vulnerability has been resolved:

power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()

ADP5061_CHG_STATUS_1_CHG_STATUS is masked with 0x07, which means a length of 8, but adp5061_chg_type array size is 4, may end up reading 4 elements beyond the end of the adp5061_chg_type[] array.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxfe8e81b7e899968690e5e87c25727178921b5b9a < 24a0be36e9a21f63de2e6088607e689e59ec15f4affected
LinuxLinuxfe8e81b7e899968690e5e87c25727178921b5b9a < 3376a0cf138dfc90b449fde541ca228a33e1c143affected
LinuxLinuxfe8e81b7e899968690e5e87c25727178921b5b9a < 89f305a71418591cdda18180f712f91c9820f03baffected
LinuxLinuxfe8e81b7e899968690e5e87c25727178921b5b9a < 7c8bc374659de19d846f7cab3eda9ebdb005c4ccaffected
LinuxLinuxfe8e81b7e899968690e5e87c25727178921b5b9a < 038e4aa71281d0cbc8aeb56ba05ff7fc5653a106affected
LinuxLinuxfe8e81b7e899968690e5e87c25727178921b5b9a < dc52b73d3acd676ccbb440fcec617c547b903af2affected
LinuxLinuxfe8e81b7e899968690e5e87c25727178921b5b9a < 9d47e01b9d807808224347935562f7043a358054affected
LinuxLinux4.19affected
LinuxLinux0 < 4.19unaffected
LinuxLinux4.19.262 <= 4.19.*unaffected
LinuxLinux5.4.220 <= 5.4.*unaffected
LinuxLinux5.10.150 <= 5.10.*unaffected
LinuxLinux5.15.75 <= 5.15.*unaffected
LinuxLinux5.19.17 <= 5.19.*unaffected
LinuxLinux6.0.3 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References