CVE-2022-50182

media: imx-jpeg: Align upwards buffer size

Description

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size The hardware can support any image size WxH, with arbitrary W (image width) and H (image height) dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture resolution unchanged. For decoder, the risk of memory out of bounds can be avoided. For both encoder and decoder, the driver will lift the limitation of resolution alignment. For example, the decoder can support jpeg whose resolution is 227x149 the encoder can support nv12 1080P, won't change it to 1920x1072.

N/A
CVSS
Severity:
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/9ae2d729de6350c53a06c57782751d84eb2c08d9
https://git.kernel.org/stable/c/73d1836ed7911953182b787745cb8c5857a2661c
https://git.kernel.org/stable/c/447795ffb17cd60bb544e0abfc9399e180a14a2f
https://git.kernel.org/stable/c/9e7aa76cdb02923ee23a0ddd48f38bdc3512f92b

Frequently Asked Questions

What is the severity of CVE-2022-50182?
CVE-2022-50182 has not yet been assigned a CVSS score.
How to fix CVE-2022-50182?
To fix CVE-2022-50182, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-50182 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-50182 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-50182?
CVE-2022-50182 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.