CVE-2022-50814

Dec. 31, 2025, 8:43 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr KASAN reported this Bug: [17619.659757] BUG: KASAN: global-out-of-bounds in param_get_int+0x34/0x60 [17619.673193] Read of size 4 at addr fffff01332d7ed00 by task read_all/1507958 ... [17619.698934] The buggy address belongs to the variable: [17619.708371] sgl_sge_nr+0x0/0xffffffffffffa300 [hisi_zip] There is a mismatch in hisi_zip when get/set the variable sgl_sge_nr. The type of sgl_sge_nr is u16, and get/set sgl_sge_nr by param_get/set_int. Replacing param_get/set_int to param_get/set_ushort can fix this bug.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
o linux linux_kernel / / / / / / / /

References

https://git.kernel.org/stable/c/272093471305261c4e07a2fc97c2d1e53cd56819
https://git.kernel.org/stable/c/5eaebd19fbb0e26e73a34f55d3b1dc310df0eb15
https://git.kernel.org/stable/c/d74f9340097a881869c4c22ca376654cc2516ecc
https://git.kernel.org/stable/c/d88b88514ef28515ccfa1f1787c2aedef75a79dd
https://git.kernel.org/stable/c/f8a983d6e01b198320d310cb1326364d7d973b2a

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2025-12-30
CVE-2022-50814

Timeline

Published: Dec. 30, 2025, 1:15 p.m.
Last Modified: Dec. 31, 2025, 8:43 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.