CVE-2022-50165

Sažetak

In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` Commit 7a4836560a61 changes simple_write_to_buffer() with memdup_user() but it forgets to change the value to be returned that came from simple_write_to_buffer() call. It results in the following warning: warning: variable 'rc' is uninitialized when used here [-Wuninitialized] return rc; ^~ Remove rc variable and just return the passed in length if the memdup_user() succeeds.

Reference

https://git.kernel.org/stable/c/409bd72e544fdf4809ea0dac337bb5a1f11a25a9
https://git.kernel.org/stable/c/52b11a48cf073e0aab923ae809a765d756cecf13
https://git.kernel.org/stable/c/689e5caf63e99e15d2f485ec297c1bf9243e0e28
https://git.kernel.org/stable/c/6c5fee83bdbeffe8d607d1ab125122a75f40bd1a
https://git.kernel.org/stable/c/b13c84e877d7a3095bacb14665db304b2c00e95f
https://git.kernel.org/stable/c/c9fde3a44da566d8929070ab6bda4f0dfa9955d0
https://git.kernel.org/stable/c/d4742c886043b69d2d058bfde3998ef333b66595
https://git.kernel.org/stable/c/d578e0af3a003736f6c440188b156483d451b329

CVSS

Base:	5.5
Impact:	3.6
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Zadnje važnije ažuriranje

17-11-2025 - 19:48

Objavljeno

18-06-2025 - 11:15