CVE-2022-50040
HIGH · EPSS 13.1%
Published Jun 18, 2025 (1y ago) · Modified Jun 17, 2026 (2w ago)
7.8 CVSS 3.1
Description
In the Linux kernel, the following vulnerability has been resolved:

net: dsa: sja1105: fix buffer overflow in sja1105_setup_devlink_regions()

If an error occurs in dsa_devlink_region_create(), then 'priv->regions' array will be accessed by negative index '-1'.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
13.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-787 Out-of-bounds Write Memory Safety
Affected Products 4
References 4
- git.kernel.org https://git.kernel.org/stable/c/7983e1e44cb322eba6af84160b6d18df80603fb8
- git.kernel.org https://git.kernel.org/stable/c/79f86b862416126a2e826cb74224180d6625a32f
- git.kernel.org https://git.kernel.org/stable/c/e84c6321f3578c38cb3c24258db91a92672b17a8
- git.kernel.org https://git.kernel.org/stable/c/fd8e899cdb5ecaf8e8ee73854a99e10807eef1de
Remediation
- git.kernel.org https://git.kernel.org/stable/c/7983e1e44cb322eba6af84160b6d18df80603fb8
- git.kernel.org https://git.kernel.org/stable/c/79f86b862416126a2e826cb74224180d6625a32f
- git.kernel.org https://git.kernel.org/stable/c/e84c6321f3578c38cb3c24258db91a92672b17a8
- git.kernel.org https://git.kernel.org/stable/c/fd8e899cdb5ecaf8e8ee73854a99e10807eef1de