CVE-2022-50876
- Source
- https://cve.org/CVERecord?id=CVE-2022-50876
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50876.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-50876
- Downstream
- Related
- Published
- 2025-12-30T12:23:16.790Z
- Modified
- 2026-03-20T11:47:39.614220Z
- Summary
- usb: musb: Fix musb_gadget.c rxstate overflow bug
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
usb: musb: Fix musb_gadget.c rxstate overflow bug
The usb function device call musbgadgetqueue() adds the passed request to musbep::reqlist,If the (request->length > musbep->packetsz) and (isbuffermapped(req) return false),the rxstate() will copy all data in fifo to request->buf which may cause request->buf out of bounds.
Fix it by add the length check : fifocnt = min_t(unsigned, request->length - request->actual, fifocnt);
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50876.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/3c84c7f592c4ba38f54ddaddd0115acc443025db
- https://git.kernel.org/stable/c/523313881f0aa5cbbdb548ce575b6e58b202bd76
- https://git.kernel.org/stable/c/7c80f3a918ba9aa26fb699ee887064ec3af0396a
- https://git.kernel.org/stable/c/826f84ab04a5cafe484ea9c2c85a3930068e5cb7
- https://git.kernel.org/stable/c/a1008c8b9f357691ce6a8fdb8f157aecb2d79167
- https://git.kernel.org/stable/c/a9ccd2ab1becf5dcb6d57e9fcd981f5eaa606c96
- https://git.kernel.org/stable/c/acf0006f2b2b2ca672988875fd154429aafb2a9b
- https://git.kernel.org/stable/c/d6afcab1b48f4051211c50145b9e91be3b1b42c9
- https://git.kernel.org/stable/c/eea4c860c3b366369eff0489d94ee4f0571d467d
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50876.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-50876
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced03840fad004ce8a56bc8b3bb60a2df10f6f9481eFixed826f84ab04a5cafe484ea9c2c85a3930068e5cb7Fixeda1008c8b9f357691ce6a8fdb8f157aecb2d79167Fixed7c80f3a918ba9aa26fb699ee887064ec3af0396aFixedd6afcab1b48f4051211c50145b9e91be3b1b42c9Fixedacf0006f2b2b2ca672988875fd154429aafb2a9bFixed3c84c7f592c4ba38f54ddaddd0115acc443025dbFixeda9ccd2ab1becf5dcb6d57e9fcd981f5eaa606c96Fixed523313881f0aa5cbbdb548ce575b6e58b202bd76Fixedeea4c860c3b366369eff0489d94ee4f0571d467d
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced4.3.0Fixed4.9.331
- Type
- ECOSYSTEM
- Events
-
Introduced4.10.0Fixed4.14.296
- Type
- ECOSYSTEM
- Events
-
Introduced4.15.0Fixed4.19.262
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.220
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.150
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.75
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed5.19.17
- Type
- ECOSYSTEM
- Events
-
Introduced5.20.0Fixed6.0.3