CVE-2022-50399

MEDIUM

Linux Kernel - Integer Overflow in Media Atomisp Black Frame Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: prevent integer overflow in sh_css_set_black_frame() The "height" and "width" values come from the user so the "height * width" multiplication can overflow.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654

Patch

https://git.kernel.org/stable/c/a560aeac2f2d284903b5900774765d7fc61547bc

Patch

https://git.kernel.org/stable/c/a549517e4b761f3940011db30320cb8c9badde54

Patch

https://git.kernel.org/stable/c/3ad290194bb06979367622e47357462836c1d3b4

Scores

CVSS v3 5.5

EPSS 0.0014

EPSS Percentile 4.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-190

Status published

Products (13)

Linux/Linux < 4.12

Linux/Linux 4.12

Linux/Linux 4.18 - 5.8

Linux/Linux 5.15.77 - 5.15.*

Linux/Linux 5.8

Linux/Linux 6.0.7 - 6.0.*

Linux/Linux 6.1

Linux/Linux a49d25364dfb9f8a64037488a39ab1f56c5fa419 - 51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654

Linux/Linux ad85094b293e40e7a2f831b0311a389d952ebd5e - 3ad290194bb06979367622e47357462836c1d3b4

Linux/Linux ad85094b293e40e7a2f831b0311a389d952ebd5e - a549517e4b761f3940011db30320cb8c9badde54

... and 3 more

Published Sep 18, 2025

Tracked Since Feb 18, 2026