CVE-2022-50169
HIGHDescription
In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() The simple_write_to_buffer() function will succeed if even a single byte is initialized. However, we need to initialize the whole buffer to prevent information leaks. Just use memdup_user().
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| linux | linux_kernel |
| linux | linux_kernel |
| linux | linux_kernel |
| linux | linux_kernel |
| linux | linux_kernel |
| linux | linux_kernel |
| linux | linux_kernel |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2022-50169? +
How severe is CVE-2022-50169? +
What products are affected by CVE-2022-50169? +
How do I check if I'm vulnerable to CVE-2022-50169? +
Related Vulnerabilities
ESPTouch is a connection protocol for internet of things devices. In the ESPTouchV2 protocol, while there is an option to …
The ctl_write_buffer and ctl_read_buffer functions allocated memory to be returned to userspace, without initializing it. Malicious software running in a …
ITS dissector crash in Wireshark 4.4.0 allows denial of service via packet injection or crafted capture file
In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: …
PAD CMS improperly initializes parameter used for password recovery, which allows to change password for any user that did not …
In the Linux kernel, the following vulnerability has been resolved: ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network …