CVE-2022-50763 (GCVE-0-2022-50763)
Vulnerability from cvelistv5
Published
2025-12-24 13:05
Modified
2025-12-24 13:05
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
crypto: marvell/octeontx - prevent integer overflows
The "code_length" value comes from the firmware file. If your firmware
is untrusted realistically there is probably very little you can do to
protect yourself. Still we try to limit the damage as much as possible.
Also Smatch marks any data read from the filesystem as untrusted and
prints warnings if it not capped correctly.
The "code_length * 2" can overflow. The round_up(ucode_size, 16) +
sizeof() expression can overflow too. Prevent these overflows.
References
Impacted products
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/crypto/marvell/octeontx/otx_cptpf_ucode.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7bfa7d67735381715c98091194e81e7685f9b7db",
"status": "affected",
"version": "d9110b0b01ff1cd02751cd5c2c94e938a8906083",
"versionType": "git"
},
{
"lessThan": "12acfa1059ad69aa352ddb2bf23ba1b831aff15f",
"status": "affected",
"version": "d9110b0b01ff1cd02751cd5c2c94e938a8906083",
"versionType": "git"
},
{
"lessThan": "8f5eee162e55175d9dac98b5e9b8da76449d2257",
"status": "affected",
"version": "d9110b0b01ff1cd02751cd5c2c94e938a8906083",
"versionType": "git"
},
{
"lessThan": "e7ff7a46baafd38d7ed45604397e650d61f5db8d",
"status": "affected",
"version": "d9110b0b01ff1cd02751cd5c2c94e938a8906083",
"versionType": "git"
},
{
"lessThan": "caca37cf6c749ff0303f68418cfe7b757a4e0697",
"status": "affected",
"version": "d9110b0b01ff1cd02751cd5c2c94e938a8906083",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/crypto/marvell/octeontx/otx_cptpf_ucode.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.7"
},
{
"lessThan": "5.7",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.150",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.75",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.19.*",
"status": "unaffected",
"version": "5.19.17",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"version": "6.0.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.1",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.150",
"versionStartIncluding": "5.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.75",
"versionStartIncluding": "5.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.19.17",
"versionStartIncluding": "5.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.3",
"versionStartIncluding": "5.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1",
"versionStartIncluding": "5.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: marvell/octeontx - prevent integer overflows\n\nThe \"code_length\" value comes from the firmware file. If your firmware\nis untrusted realistically there is probably very little you can do to\nprotect yourself. Still we try to limit the damage as much as possible.\nAlso Smatch marks any data read from the filesystem as untrusted and\nprints warnings if it not capped correctly.\n\nThe \"code_length * 2\" can overflow. The round_up(ucode_size, 16) +\nsizeof() expression can overflow too. Prevent these overflows."
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T13:05:54.704Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7bfa7d67735381715c98091194e81e7685f9b7db"
},
{
"url": "https://git.kernel.org/stable/c/12acfa1059ad69aa352ddb2bf23ba1b831aff15f"
},
{
"url": "https://git.kernel.org/stable/c/8f5eee162e55175d9dac98b5e9b8da76449d2257"
},
{
"url": "https://git.kernel.org/stable/c/e7ff7a46baafd38d7ed45604397e650d61f5db8d"
},
{
"url": "https://git.kernel.org/stable/c/caca37cf6c749ff0303f68418cfe7b757a4e0697"
}
],
"title": "crypto: marvell/octeontx - prevent integer overflows",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2022-50763",
"datePublished": "2025-12-24T13:05:54.704Z",
"dateReserved": "2025-12-24T13:02:21.545Z",
"dateUpdated": "2025-12-24T13:05:54.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2022-50763\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-12-24T13:16:03.093\",\"lastModified\":\"2025-12-24T13:16:03.093\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ncrypto: marvell/octeontx - prevent integer overflows\\n\\nThe \\\"code_length\\\" value comes from the firmware file. If your firmware\\nis untrusted realistically there is probably very little you can do to\\nprotect yourself. Still we try to limit the damage as much as possible.\\nAlso Smatch marks any data read from the filesystem as untrusted and\\nprints warnings if it not capped correctly.\\n\\nThe \\\"code_length * 2\\\" can overflow. The round_up(ucode_size, 16) +\\nsizeof() expression can overflow too. Prevent these overflows.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/12acfa1059ad69aa352ddb2bf23ba1b831aff15f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7bfa7d67735381715c98091194e81e7685f9b7db\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8f5eee162e55175d9dac98b5e9b8da76449d2257\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/caca37cf6c749ff0303f68418cfe7b757a4e0697\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e7ff7a46baafd38d7ed45604397e650d61f5db8d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…