CVE-2022-50763

24.12.2025, 13:16

In the Linux kernel, the following vulnerability has been resolved:

crypto: marvell/octeontx - prevent integer overflows

The "code_length" value comes from the firmware file. If your firmware
is untrusted realistically there is probably very little you can do to
protect yourself. Still we try to limit the damage as much as possible.
Also Smatch marks any data read from the filesystem as untrusted and
prints warnings if it not capped correctly.

The "code_length * 2" can overflow. The round_up(ucode_size, 16) +
sizeof() expression can overflow too. Prevent these overflows.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 fixed
bullseye (security)	5.10.247-1 fixed
bookworm	6.1.148-1 fixed
bookworm (security)	6.1.158-1 fixed
trixie	6.12.57-1 fixed
trixie (security)	6.12.48-1 fixed
forky	6.17.12-1 fixed
sid	6.17.13-1 fixed

References

https://git.kernel.org/stable/c/12acfa1059ad69aa352ddb2bf23ba1b831aff15f

https://git.kernel.org/stable/c/7bfa7d67735381715c98091194e81e7685f9b7db

https://git.kernel.org/stable/c/8f5eee162e55175d9dac98b5e9b8da76449d2257

https://git.kernel.org/stable/c/caca37cf6c749ff0303f68418cfe7b757a4e0697

https://git.kernel.org/stable/c/e7ff7a46baafd38d7ed45604397e650d61f5db8d