Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-h85m-6qg2-23fm

Опубликовано: 18 сент. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 5.5

Описание

In the Linux kernel, the following vulnerability has been resolved:

crypto: hisilicon/qm - increase the memory of local variables

Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' is only 32 bytes. The sscanf does not check the dest memory length. So the 'val buffer' may stack overflow.

In the Linux kernel, the following vulnerability has been resolved:

crypto: hisilicon/qm - increase the memory of local variables

Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' is only 32 bytes. The sscanf does not check the dest memory length. So the 'val buffer' may stack overflow.

Ссылки

EPSS

Процентиль: 5%
0.00022
Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2022-50407

Дефекты

CWE-674

Связанные уязвимости

ubuntu логотип

CVE-2022-50407

CVSS3: 5.5
ubuntu
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' is only 32 bytes. The sscanf does not check the dest memory length. So the 'val buffer' may stack overflow.

redhat логотип

CVE-2022-50407

CVSS3: 5.5
redhat
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' is only 32 bytes. The sscanf does not check the dest memory length. So the 'val buffer' may stack overflow.

nvd логотип

CVE-2022-50407

CVSS3: 5.5
nvd
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' is only 32 bytes. The sscanf does not check the dest memory length. So the 'val buffer' may stack overflow.

msrc логотип

CVE-2022-50407

msrc
около 2 месяцев назад

crypto: hisilicon/qm - increase the memory of local variables

debian логотип

CVE-2022-50407

CVSS3: 5.5
debian
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: c ...

EPSS

Процентиль: 5%
0.00022
Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2022-50407

Дефекты

CWE-674