CVE-2022-50763

Dec. 24, 2025, 1:16 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to limit the damage as much as possible. Also Smatch marks any data read from the filesystem as untrusted and prints warnings if it not capped correctly. The "code_length * 2" can overflow. The round_up(ucode_size, 16) + sizeof() expression can overflow too. Prevent these overflows.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o linux linux_kernel / / / / / / / /

References

https://git.kernel.org/stable/c/12acfa1059ad69aa352ddb2bf23ba1b831aff15f
https://git.kernel.org/stable/c/7bfa7d67735381715c98091194e81e7685f9b7db
https://git.kernel.org/stable/c/8f5eee162e55175d9dac98b5e9b8da76449d2257
https://git.kernel.org/stable/c/caca37cf6c749ff0303f68418cfe7b757a4e0697
https://git.kernel.org/stable/c/e7ff7a46baafd38d7ed45604397e650d61f5db8d

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-12-24
CVE-2022-50763

Timeline

Published: Dec. 24, 2025, 1:16 p.m.
Last Modified: Dec. 24, 2025, 1:16 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.