CVE-2022-50030

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffer overflow crashes. Adapt input string lengths to fit within internal buffers, leaving space for NULL terminators.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/2d544e9d19c109dfe34b3dc1253a8b2971abe060	Patch
https://git.kernel.org/stable/c/927907f1cbb3408cadde637fccfc17bb6b10a87d	Patch
https://git.kernel.org/stable/c/b92506dc51f81741eb26609175ac206c20f06e0a	Patch
https://git.kernel.org/stable/c/c29a4baaad38a332c0ae480cf6d6c5bf75ac1828	Patch
https://git.kernel.org/stable/c/f8191d40aa612981ce897e66cda6a88db8df17bb	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2025-06-18 11:15

Updated : 2025-11-13 19:31

NVD link : CVE-2022-50030

Mitre link : CVE-2022-50030

CVE.ORG link : CVE-2022-50030

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2022-50030", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-06-18T11:15:31.340", "references": [{"url": "https://git.kernel.org/stable/c/2d544e9d19c109dfe34b3dc1253a8b2971abe060", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/927907f1cbb3408cadde637fccfc17bb6b10a87d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b92506dc51f81741eb26609175ac206c20f06e0a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c29a4baaad38a332c0ae480cf6d6c5bf75ac1828", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f8191d40aa612981ce897e66cda6a88db8df17bb", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input\n\nMalformed user input to debugfs results in buffer overflow crashes. Adapt\ninput string lengths to fit within internal buffers, leaving space for NULL\nterminators."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: lpfc: Evita fallos por desbordamiento de b\u00fafer en debugfs con entradas de usuario malformadas. Las entradas de usuario malformadas en debugfs provocan fallos por desbordamiento de b\u00fafer. Adapta la longitud de las cadenas de entrada para que quepan en los b\u00faferes internos, dejando espacio para terminadores NULL."}], "lastModified": "2025-11-13T19:31:31.187", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C93525F2-6B89-4364-BF33-F82A1E5CA910", "versionEndExcluding": "5.4.211"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "445ACC04-A2BA-4176-B4C9-CA4AA59096D2", "versionEndExcluding": "5.10.138", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5744A03-DA40-4A78-9063-13179361DC6D", "versionEndExcluding": "5.15.63", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E669300-DA42-4ACD-86D8-68BE5F29FB88", "versionEndExcluding": "5.19.4", "versionStartIncluding": "5.16"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}