CVE-2022-50781
Unknown Unknown - Not Provided
Array Underflow in Linux amdgpu Driver Causes Out-of-Bounds Read

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is capped at 2 but not checked for negative values so it results in an out of bounds read. This value comes from the user via sysfs.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-06-16
AI Q&A
2025-12-24
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50781
EUVD
EUVD-2022-55780
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an array underflow issue in the Linux kernel's amdgpu driver, specifically in the vega20_odn_edit_dpm_table() function. The variable 'input_index' is limited to a maximum value of 2 but is not checked for negative values, which can lead to an out-of-bounds read. The problematic value is provided by the user through sysfs.

Impact Analysis

The vulnerability can lead to an out-of-bounds read in kernel memory, which may cause system instability, crashes, or potentially allow an attacker to read sensitive kernel memory. Since the input comes from user space via sysfs, a local attacker could exploit this to compromise system security or cause denial of service.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50781. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart