CVE-2022-50040

Description

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix buffer overflow in sja1105_setup_devlink_regions() If an error occurs in dsa_devlink_region_create(), then 'priv->regions' array will be accessed by negative index '-1'. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Reserved 2025-06-18 | Published 2025-06-18 | Updated 2025-06-18 | Assigner Linux

Product status

Default status
unaffected

bf425b82059e0b0752c0026353c1902112200837 before 7983e1e44cb322eba6af84160b6d18df80603fb8
affected

bf425b82059e0b0752c0026353c1902112200837 before e84c6321f3578c38cb3c24258db91a92672b17a8
affected

bf425b82059e0b0752c0026353c1902112200837 before 79f86b862416126a2e826cb74224180d6625a32f
affected

bf425b82059e0b0752c0026353c1902112200837 before fd8e899cdb5ecaf8e8ee73854a99e10807eef1de
affected

Default status
affected

5.10
affected

Any version before 5.10
unaffected

5.10.138
unaffected

5.15.63
unaffected

5.19.4
unaffected

6.0
unaffected

References

git.kernel.org/...c/7983e1e44cb322eba6af84160b6d18df80603fb8

git.kernel.org/...c/e84c6321f3578c38cb3c24258db91a92672b17a8

git.kernel.org/...c/79f86b862416126a2e826cb74224180d6625a32f

git.kernel.org/...c/fd8e899cdb5ecaf8e8ee73854a99e10807eef1de

cve.org (CVE-2022-50040)

nvd.nist.gov (CVE-2022-50040)

Download JSON