CVE-2022-50518
BaseFortify
Publication date: 2025-10-07
Last updated on: 2026-03-17
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 2.6.25 |
| linux | linux_kernel | From 6.1 (inc) to 6.1.4 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-667 | The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel involves improper locking in the pdc_iodc_print() firmware call on parisc architecture. The issue was that parallel modifications to the iodc_dbuf[] buffer were not properly protected, which could lead to race conditions or buffer overflows. The fix involved using the pdc_lock spinlock to protect these modifications, checking the length to prevent buffer overflow, dropping the iodc_retbuf[] buffer, and correcting some code indentations.
How can this vulnerability impact me? :
The vulnerability could potentially lead to buffer overflows or race conditions in the Linux kernel on parisc systems, which might cause system instability, crashes, or possibly allow an attacker to execute arbitrary code or escalate privileges. However, specific impacts are not detailed in the provided information.