CVE-2022-50079

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check correct bounds for stream encoder instances for DCN303 [Why & How] eng_id for DCN303 cannot be more than 1, since we have only two instances of stream encoders. Check the correct boundary condition for engine ID for DCN303 prevent the potential out of bounds access.

CVSS v3 7.1 HIGH

7.1^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/4c31dca1799612eb3b6413e3e574f90c3fb8f865	Patch
https://git.kernel.org/stable/c/82a27c1855445d48aacc67b0c0640f3dadebe52f	Patch
https://git.kernel.org/stable/c/89b008222c2bf21e50219725caed31590edfd9d1	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc1::::::

History

No history.

Information

Published : 2025-06-18 11:15

Updated : 2025-11-17 19:22

NVD link : CVE-2022-50079

Mitre link : CVE-2022-50079

CVE.ORG link : CVE-2022-50079

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-125

Out-of-bounds Read

{"id": "CVE-2022-50079", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2025-06-18T11:15:36.873", "references": [{"url": "https://git.kernel.org/stable/c/4c31dca1799612eb3b6413e3e574f90c3fb8f865", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/82a27c1855445d48aacc67b0c0640f3dadebe52f", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/89b008222c2bf21e50219725caed31590edfd9d1", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check correct bounds for stream encoder instances for DCN303\n\n[Why & How]\neng_id for DCN303 cannot be more than 1, since we have only two\ninstances of stream encoders.\n\nCheck the correct boundary condition for engine ID for DCN303 prevent\nthe potential out of bounds access."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: Verificar los l\u00edmites correctos para las instancias del codificador de flujo para DCN303 [Por qu\u00e9 y c\u00f3mo] El valor eng_id para DCN303 no puede ser mayor que 1, ya que solo tenemos dos instancias de codificadores de flujo. Verificar la condici\u00f3n de l\u00edmite correcta para el ID del motor para DCN303 previene el posible acceso fuera de los l\u00edmites."}], "lastModified": "2025-11-17T19:22:59.370", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "185EE6AF-BD8F-4E95-80BC-9322B04CC91B", "versionEndExcluding": "5.15.63", "versionStartIncluding": "5.14"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E669300-DA42-4ACD-86D8-68BE5F29FB88", "versionEndExcluding": "5.19.4", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8BD11A3-8643-49B6-BADE-5029A0117325"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}