CVE-2022-49950

HIGH

Linux Kernel 5.1-5.4.213, 5.5-5.10.142, 5.11-5.15.66, 5.16-5.19.8 - Out-of-bounds Write in fastrpc_session_alloc

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on open The probe session-duplication overflow check incremented the session count also when there were no more available sessions so that memory beyond the fixed-size slab-allocated session array could be corrupted in fastrpc_session_alloc() on open().

Scores

CVSS v3 7.8
EPSS 0.0020
EPSS Percentile 10.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (18)
linux/Kernel 5.1.0 - 5.4.213linux
linux/Kernel 5.11.0 - 5.15.66linux
linux/Kernel 5.16.0 - 5.19.8linux
linux/Kernel 5.5.0 - 5.10.142linux
Linux/Linux < 5.1
Linux/Linux 5.1
Linux/Linux 5.10.142 - 5.10.*
Linux/Linux 5.15.66 - 5.15.*
Linux/Linux 5.19.8 - 5.19.*
Linux/Linux 5.4.213 - 5.4.*
... and 8 more
Published Jun 18, 2025
Tracked Since Feb 18, 2026