CVE-2022-50142
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-11-19
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel relates to the intel_th driver, specifically the msu component. After a certain commit removed CONFIG_DMA_REMAP, there was a chance that DMA buffers could be allocated via vmalloc(), which caused issues with the memory mapping (mmapping) code, leading to faults during memory access. The fix involved properly handling the possibility of vmalloced buffers to prevent these faults.
How can this vulnerability impact me? :
This vulnerability can cause faults or crashes in the Linux kernel when accessing certain DMA buffers, potentially leading to system instability or denial of service due to improper memory mapping of vmalloced DMA buffers.