CVE-2022-50756

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the NVMe-PCI subsystem related to memory pool allocation size. A calculation error could lead to memory corruption beyond the allocated memory pool size when determining the number of PRP lists required. This issue was observed by kfence and, while unlikely, could occur with a 4MB request in 127 physical segments on a queue that does not support SGLs. The root cause is an incorrect rounding of the maximum size calculation, potentially requiring two PRP lists instead of one.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-50756

RHSA-2023:6583

SUSE-SU-2026:0263-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0350-1

SUSE-SU-2026:0369-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

SUSE-SU-2026:0953-1

SUSE-SU-2026:0954-1

SUSE-SU-2026:0958-1

SUSE-SU-2026:0964-1

SUSE-SU-2026:0967-1

SUSE-SU-2026:0970-1

SUSE-SU-2026:1044-1

SUSE-SU-2026:1088-1

Affected Products

Linux Kernel

Red Hat

CVE-2022-50756

Related Identifiers

Affected Products

References · 1009