CVE-2022-50763
Published: Dec 24, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "code_length" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to limit the damage as much as possible. Also Smatch marks any data read from the filesystem as untrusted and prints warnings if it not capped correctly. The "code_length * 2" can overflow. The round_up(ucode_size, 16) + sizeof() expression can overflow too. Prevent these overflows.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected d9110b0b01ff1cd02751cd5c2c94e938a8906083 - < 7bfa7d67735381715c98091194e81e7685f9b7dbaffected d9110b0b01ff1cd02751cd5c2c94e938a8906083 - < 12acfa1059ad69aa352ddb2bf23ba1b831aff15faffected d9110b0b01ff1cd02751cd5c2c94e938a8906083 - < 8f5eee162e55175d9dac98b5e9b8da76449d2257affected d9110b0b01ff1cd02751cd5c2c94e938a8906083 - < e7ff7a46baafd38d7ed45604397e650d61f5db8daffected d9110b0b01ff1cd02751cd5c2c94e938a8906083 - < caca37cf6c749ff0303f68418cfe7b757a4e0697 |
Linux | Linux | affected 5.7unaffected 0 - < 5.7unaffected 5.10.150 - <= 5.10.*unaffected 5.15.75 - <= 5.15.*unaffected 5.19.17 - <= 5.19.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now