CVE-2022-50030

HIGH

Linux Kernel - Buffer Overflow in SCSI LPFC DebugFS via Malformed User Input

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed user input Malformed user input to debugfs results in buffer overflow crashes. Adapt input string lengths to fit within internal buffers, leaving space for NULL terminators.

Scores

CVSS v3 7.8
EPSS 0.0018
EPSS Percentile 7.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (17)
linux/Kernel 4.11.0 - 5.4.211linux
linux/Kernel 5.11.0 - 5.15.63linux
linux/Kernel 5.16.0 - 5.19.4linux
linux/Kernel 5.5.0 - 5.10.138linux
Linux/Linux < 4.11
Linux/Linux 4.11
Linux/Linux 5.10.138 - 5.10.*
Linux/Linux 5.15.63 - 5.15.*
Linux/Linux 5.19.4 - 5.19.*
Linux/Linux 5.4.211 - 5.4.*
... and 7 more
Published Jun 18, 2025
Tracked Since Feb 18, 2026