DEBIAN-CVE-2022-50497

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2022-50497

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50497.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-50497

Upstream

CVE-2022-50497

Published

2025-10-04T16:15:46.777Z

Modified

2025-11-14T04:05:56.126348Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: fix shift-out-of-bounds in checkspecialflags UBSAN reported a shift-out-of-bounds warning: left shift of 1 by 31 places cannot be represented in type 'int' Call Trace: <TASK> _dumpstack lib/dumpstack.c:88 [inline] dumpstacklvl+0x8d/0xcf lib/dumpstack.c:106 ubsanepilogue+0xa/0x44 lib/ubsan.c:151 _ubsanhandleshiftoutofbounds+0x1e7/0x208 lib/ubsan.c:322 checkspecialflags fs/binfmtmisc.c:241 [inline] createentry fs/binfmtmisc.c:456 [inline] bmregisterwrite+0x9d3/0xa20 fs/binfmtmisc.c:654 vfswrite+0x11e/0x580 fs/readwrite.c:582 ksyswrite+0xcf/0x120 fs/readwrite.c:637 dosyscallx64 arch/x86/entry/common.c:50 [inline] dosyscall64+0x34/0x80 arch/x86/entry/common.c:80 entrySYSCALL64afterhwframe+0x63/0xcd RIP: 0033:0x4194e1 Since the type of Node's flags is unsigned long, we should define these macros with same type too.

References

https://security-tracker.debian.org/tracker/CVE-2022-50497

Affected packages

Debian:11 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.178-1

Affected versions

5.*

5.10.46-4

5.10.46-5

5.10.70-1~bpo10+1

5.10.70-1

5.10.84-1

5.10.92-1~bpo10+1

5.10.92-1

5.10.92-2

5.10.103-1~bpo10+1

5.10.103-1

5.10.106-1

5.10.113-1

5.10.120-1~bpo10+1

5.10.120-1

5.10.127-1

5.10.127-2~bpo10+1

5.10.127-2

5.10.136-1

5.10.140-1

5.10.148-1

5.10.149-1

5.10.149-2

5.10.158-1

5.10.158-2

5.10.162-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}