CVE-2022-49950

misc: fastrpc: fix memory corruption on open

Description

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on open The probe session-duplication overflow check incremented the session count also when there were no more available sessions so that memory beyond the fixed-size slab-allocated session array could be corrupted in fastrpc_session_alloc() on open().

N/A

CVSS

Severity:

EPSS 0.02%

Affected: Linux Linux

References

Link	Tags
https://git.kernel.org/stable/c/f8632b8bb53ebc005d8f24a68a0c1f9678c0e908
https://git.kernel.org/stable/c/5cf2a57c7a01a0d7bdecf875a63682f542891b1b
https://git.kernel.org/stable/c/cf20c3533efc89578ace94fa20a9e63446223c72
https://git.kernel.org/stable/c/e0578e603065f120a8759b75e0d6c216c7078a39
https://git.kernel.org/stable/c/d245f43aab2b61195d8ebb64cef7b5a08c590ab4

Frequently Asked Questions

What is the severity of CVE-2022-49950?: CVE-2022-49950 has not yet been assigned a CVSS score.
How to fix CVE-2022-49950?: To fix CVE-2022-49950, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-49950 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2022-49950 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-49950?: CVE-2022-49950 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.