Description

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case number of PRP entries. The result is used to determine how many PRP Lists are required. The code was previously rounding this to 1 list, but we can require 2 in the worst case. In that scenario, the driver would corrupt memory beyond the size provided by the mempool. While unlikely to occur (you'd need a 4MB in exactly 127 phys segments on a queue that doesn't support SGLs), this memory corruption has been observed by kfence.

INFO

Published Date :

2025-12-24T13:05:49.635Z

Last Modified :

2025-12-24T13:05:49.635Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-50756 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-50756.

URL Resource
https://git.kernel.org/stable/c/9141144b37f30e3e7fa024bcfa0a13011e546ba9 cve-icon cve-icon
https://git.kernel.org/stable/c/b1814724e0d7162bdf4799f2d565381bc2251c63 cve-icon cve-icon
https://git.kernel.org/stable/c/c89a529e823d51dd23c7ec0c047c7a454a428541 cve-icon cve-icon
https://git.kernel.org/stable/c/dfb6d54893d544151e7f480bc44cfe7823f5ad23 cve-icon cve-icon
https://git.kernel.org/stable/c/e1777b4286e526c58b4ee699344b0ad85aaf83a0 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025122453-CVE-2022-50756-ce43@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-50756 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-50756 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact