CVE-2022-49792

HIGH

Linux Kernel < 5.10.156 - Out-of-Bounds Read

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/1678d4abb2dc2ca3b05b998a9d88616976e4f947

Patch

https://git.kernel.org/stable/c/399b2105a2240e730b9f3880bd8f154247539aa7

Patch

https://git.kernel.org/stable/c/ca1547ab15f48dc81624183ae17a2fd1bad06dfc

Patch

https://git.kernel.org/stable/c/d95b85c5084ad70011988861ee864529eefa1da0

Scores

CVSS v3 7.1

EPSS 0.0007

EPSS Percentile 20.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE

CWE-125

Status published

Products (5)

linux/Kernel 5.11.0 - 5.15.80linux

linux/Kernel 5.16.0 - 6.0.10linux

linux/Kernel 5.8.0 - 5.10.156linux

linux/linux_kernel 6.1 rc1 (5 CPE variants)

linux/linux_kernel 5.8 - 5.10.156

Published May 01, 2025

Tracked Since Feb 18, 2026