CVE-2022-50131

NameCVE-2022-50131
DescriptionIn the Linux kernel, the following vulnerability has been resolved: HID: mcp2221: prevent a buffer overflow in mcp_smbus_write() Smatch Warning: drivers/hid/hid-mcp2221.c:388 mcp_smbus_write() error: __memcpy() '&mcp->txbuf[5]' too small (59 vs 255) drivers/hid/hid-mcp2221.c:388 mcp_smbus_write() error: __memcpy() 'buf' too small (34 vs 255) The 'len' variable can take a value between 0-255 as it can come from data->block[0] and it is user data. So add an bound check to prevent a buffer overflow in memcpy().
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
linux (PTS)bullseye5.10.223-1fixed
bullseye (security)5.10.237-1fixed
bookworm6.1.137-1fixed
bookworm (security)6.1.140-1fixed
trixie6.12.35-1fixed
trixie (security)6.12.31-1fixed
sid6.12.37-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
linuxsourcebullseye5.10.140-1
linuxsource(unstable)6.0.2-1

Notes

https://git.kernel.org/linus/62ac2473553a00229e67bdf3cb023b62cf7f5a9a (6.0-rc1)
Search for package or bug name: Reporting problems