PT-2025-37617 · Linux+2 · Linux Kernel+2
Published
2022-10-17
·
Updated
2025-10-11
·
CVE-2022-50315
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.15.0-25-generic #25-Ubuntu
Description
An array-index-out-of-bounds issue was identified in the Linux kernel's AHCI driver. The
sata pmp init links() function initializes link->pmp up to SATA PMP MAX PORTS, while the em priv array is declared with a size of 8 elements. This discrepancy can lead to a UBSAN error when accessing the array out of bounds. The issue arises from a mismatch between the maximum number of Enclosure Management ports and the allocated array size.Recommendations
Update to Linux kernel version 5.15.0-25-generic #25-Ubuntu or later.
Exploit
Fix
Improper Validation of Array Index
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Ubuntu