Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` Commit 7a4836560a61 changes simple_write_to_buffer() with memdup_user() but it forgets to change the value to be returned that came from simple_write_to_buffer() call. It results in the following warning: warning: variable 'rc' is uninitialized when used here [-Wuninitialized] return rc; ^~ Remove rc variable and just return the passed in length if the memdup_user() succeeds.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 3.17, < 4.14.291 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/409bd72e544fdf4809ea0dac337bb5a1f11a25a9Patch
- https://git.kernel.org/stable/c/52b11a48cf073e0aab923ae809a765d756cecf13Patch
- https://git.kernel.org/stable/c/689e5caf63e99e15d2f485ec297c1bf9243e0e28Patch
- https://git.kernel.org/stable/c/6c5fee83bdbeffe8d607d1ab125122a75f40bd1aPatch
- https://git.kernel.org/stable/c/b13c84e877d7a3095bacb14665db304b2c00e95fPatch
- https://git.kernel.org/stable/c/c9fde3a44da566d8929070ab6bda4f0dfa9955d0Patch
- https://git.kernel.org/stable/c/d4742c886043b69d2d058bfde3998ef333b66595Patch
- https://git.kernel.org/stable/c/d578e0af3a003736f6c440188b156483d451b329Patch
FAQ
What is CVE-2022-50165?
CVE-2022-50165 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` Commit 7a4836560a61 changes simple_write_to_buffe...
How severe is CVE-2022-50165?
CVE-2022-50165 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-50165?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.