Description

In the Linux kernel, the following vulnerability has been resolved: HID: cp2112: prevent a buffer overflow in cp2112_xfer() Smatch warnings: drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() 'data->block[1]' too small (33 vs 255) drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() 'buf' too small (64 vs 255) The 'read_length' variable is provided by 'data->block[0]' which comes from user and it(read_length) can take a value between 0-255. Add an upper bound to 'read_length' variable to prevent a buffer overflow in memcpy().

INFO

Published Date :

2025-06-18T11:03:13.913Z

Last Modified :

2025-06-18T11:03:13.913Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-50156 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-50156.

URL Resource
https://git.kernel.org/stable/c/26e427ac85c2b8d0d108cc80b6de34d33e2780c4 cve-icon cve-icon
https://git.kernel.org/stable/c/381583845d19cb4bd21c8193449385f3fefa9caf cve-icon cve-icon
https://git.kernel.org/stable/c/3af7d60e9a6c17d6d41c4341f8020511887d372d cve-icon cve-icon
https://git.kernel.org/stable/c/519ff31a6ddd87aa4905bd9bf3b92e8b88801614 cve-icon cve-icon
https://git.kernel.org/stable/c/8489a20ac481b08c0391608d81ed3796d373cfdf cve-icon cve-icon
https://git.kernel.org/stable/c/e7028944e61014ae915e7fb74963d3835f2f761a cve-icon cve-icon
https://git.kernel.org/stable/c/ebda3d6b004bb6127a66a616524a2de152302ca7 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025061824-CVE-2022-50156-3e2e@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-50156 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-50156 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact