{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-50330", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-09-15T14:18:36.815Z", "datePublished": "2025-09-15T14:49:33.015Z", "dateUpdated": "2025-09-15T14:49:33.015Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-15T14:49:33.015Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: cavium - prevent integer overflow loading firmware\n\nThe \"code_length\" value comes from the firmware file. If your firmware\nis untrusted realistically there is probably very little you can do to\nprotect yourself. Still we try to limit the damage as much as possible.\nAlso Smatch marks any data read from the filesystem as untrusted and\nprints warnings if it not capped correctly.\n\nThe \"ntohl(ucode->code_length) * 2\" multiplication can have an\ninteger overflow."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/cavium/cpt/cptpf_main.c"], "versions": [{"version": "9e2c7d99941d000a36f68a3594cec27a1bbea274", "lessThan": "c4d4c2afd08dfb3cd1c880d1811ede2568e81a6d", "status": "affected", "versionType": "git"}, {"version": "9e2c7d99941d000a36f68a3594cec27a1bbea274", "lessThan": "90e483e7f20c32287d2a9da967e122938f52737a", "status": "affected", "versionType": "git"}, {"version": "9e2c7d99941d000a36f68a3594cec27a1bbea274", "lessThan": "584561e94260268abe1c83e00d9c205565cb7bc5", "status": "affected", "versionType": "git"}, {"version": "9e2c7d99941d000a36f68a3594cec27a1bbea274", "lessThan": "3a720eb89026c5241b8c4abb33370dc6fb565eee", "status": "affected", "versionType": "git"}, {"version": "9e2c7d99941d000a36f68a3594cec27a1bbea274", "lessThan": "172c8a24fc8312cf6b88d3c88469653fdcb1c127", "status": "affected", "versionType": "git"}, {"version": "9e2c7d99941d000a36f68a3594cec27a1bbea274", "lessThan": "371fa5129af53a79f6dddc90fe5bb0825cbe72a4", "status": "affected", "versionType": "git"}, {"version": "9e2c7d99941d000a36f68a3594cec27a1bbea274", "lessThan": "e29fd7a6852376d2cfb95ad5d6d3eeff93f815e9", "status": "affected", "versionType": "git"}, {"version": "9e2c7d99941d000a36f68a3594cec27a1bbea274", "lessThan": "2526d6bf27d15054bb0778b2f7bc6625fd934905", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/cavium/cpt/cptpf_main.c"], "versions": [{"version": "4.11", "status": "affected"}, {"version": "0", "lessThan": "4.11", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.296", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.262", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.220", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.150", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.75", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.19.17", "lessThanOrEqual": "5.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.0.3", "lessThanOrEqual": "6.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "4.14.296"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "4.19.262"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "5.4.220"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "5.10.150"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "5.15.75"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "5.19.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "6.0.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.11", "versionEndExcluding": "6.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/c4d4c2afd08dfb3cd1c880d1811ede2568e81a6d"}, {"url": "https://git.kernel.org/stable/c/90e483e7f20c32287d2a9da967e122938f52737a"}, {"url": "https://git.kernel.org/stable/c/584561e94260268abe1c83e00d9c205565cb7bc5"}, {"url": "https://git.kernel.org/stable/c/3a720eb89026c5241b8c4abb33370dc6fb565eee"}, {"url": "https://git.kernel.org/stable/c/172c8a24fc8312cf6b88d3c88469653fdcb1c127"}, {"url": "https://git.kernel.org/stable/c/371fa5129af53a79f6dddc90fe5bb0825cbe72a4"}, {"url": "https://git.kernel.org/stable/c/e29fd7a6852376d2cfb95ad5d6d3eeff93f815e9"}, {"url": "https://git.kernel.org/stable/c/2526d6bf27d15054bb0778b2f7bc6625fd934905"}], "title": "crypto: cavium - prevent integer overflow loading firmware", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: cavium - prevent integer overflow loading firmware\n\nThe \"code_length\" value comes from the firmware file. If your firmware\nis untrusted realistically there is probably very little you can do to\nprotect yourself. Still we try to limit the damage as much as possible.\nAlso Smatch marks any data read from the filesystem as untrusted and\nprints warnings if it not capped correctly.\n\nThe \"ntohl(ucode->code_length) * 2\" multiplication can have an\ninteger overflow."}], "id": "CVE-2022-50330", "lastModified": "2025-09-15T15:22:27.090", "metrics": {}, "published": "2025-09-15T15:15:45.187", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/172c8a24fc8312cf6b88d3c88469653fdcb1c127"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2526d6bf27d15054bb0778b2f7bc6625fd934905"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/371fa5129af53a79f6dddc90fe5bb0825cbe72a4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3a720eb89026c5241b8c4abb33370dc6fb565eee"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/584561e94260268abe1c83e00d9c205565cb7bc5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/90e483e7f20c32287d2a9da967e122938f52737a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c4d4c2afd08dfb3cd1c880d1811ede2568e81a6d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e29fd7a6852376d2cfb95ad5d6d3eeff93f815e9"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: crypto: cavium - prevent integer overflow loading firmware", "id": "2395402", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395402"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2022-50330", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-09-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-50330\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-50330\nhttps://lore.kernel.org/linux-cve-announce/2025091555-CVE-2022-50330-cd49@gregkh/T"], "threat_severity": "Moderate"}