CVE-2022-50358

In the Linux kernel, the following vulnerability has been resolved:

brcmfmac: return error when getting invalid max_flowrings from dongle

When firmware hit trap at initialization, host will read abnormal
max_flowrings number from dongle, and it will cause kernel panic when
doing iowrite to initialize dongle ring.
To detect this error at early stage, we directly return error when getting
invalid max_flowrings(>256).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.2 MEDIUM
PHYSICAL
HIGH
NONE
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
VendorProductVersion
linuxlinux_kernel
𝑥
< 5.4.229
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.163
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.86
linuxlinux_kernel
5.16 ≤
𝑥
< 6.0.16
linuxlinux_kernel
6.1 ≤
𝑥
< 6.1.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.237-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.147-1
fixed
trixie
6.12.43-1
fixed
trixie (security)
6.12.41-1
fixed
forky
6.16.7-1
fixed
sid
6.16.7-1
fixed
References
https://git.kernel.org/stable/c/10c4b63d09a5b0ebf1b61af1dae7f25555cf58b6
https://git.kernel.org/stable/c/200347eb3b2608cc8b54c13dd1d5e03809ba2eb2
https://git.kernel.org/stable/c/2aca4f3734bd717e04943ddf340d49ab62299a00
https://git.kernel.org/stable/c/2e8bb402b060a6c22160de3d72cee057698177c8
https://git.kernel.org/stable/c/3cc9299036bdb647408e11e41de3eb1ff6d428cd
https://git.kernel.org/stable/c/87f126b25fa8562196f0f4c0aa46a446026199bf