CVE-2022-50508
HIGH EPSS 3.4%
Published Oct 4, 20258mo ago · Modified Jun 17, 20261w ago
7.1 CVSS 3.1
Published Oct 4, 2025 8mo ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt76x0: fix oob access in mt76x0_phy_get_target_power After 'commit ba45841ca5eb ("wifi: mt76: mt76x02: simplify struct mt76x02_rate_power")', mt76x02 relies on ht[0-7] rate_power data for vht mcs{0,7}, while it uses vth[0-1] rate_power for vht mcs {8,9}. Fix a possible out-of-bound access in mt76x0_phy_get_target_power routine.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
3.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-125 Out-of-bounds Read Memory Safety
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥6.2 – <6.2.3 |
References 2
- git.kernel.org https://git.kernel.org/stable/c/6e1abc51c945663bddebfa1beb9590ff5b250eb7
- git.kernel.org https://git.kernel.org/stable/c/bf425c5d7ef6fb4083c1e0d46440f886127b5ee5
Remediation
- git.kernel.org https://git.kernel.org/stable/c/6e1abc51c945663bddebfa1beb9590ff5b250eb7
- git.kernel.org https://git.kernel.org/stable/c/bf425c5d7ef6fb4083c1e0d46440f886127b5ee5