FKIE_CVE-2022-50182

Vulnerability from fkie_nvd - Published: 2025-06-18 11:15 - Updated: 2025-11-19 12:52
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size The hardware can support any image size WxH, with arbitrary W (image width) and H (image height) dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture resolution unchanged. For decoder, the risk of memory out of bounds can be avoided. For both encoder and decoder, the driver will lift the limitation of resolution alignment. For example, the decoder can support jpeg whose resolution is 227x149 the encoder can support nv12 1080P, won't change it to 1920x1072.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/447795ffb17cd60bb544e0abfc9399e180a14a2fPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/73d1836ed7911953182b787745cb8c5857a2661cPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/9ae2d729de6350c53a06c57782751d84eb2c08d9Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/9e7aa76cdb02923ee23a0ddd48f38bdc3512f92bPatch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "508EFB53-3AD2-405D-9368-107BD8BEA339",
              "versionEndExcluding": "5.15.61",
              "versionStartIncluding": "5.13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B42E453-8837-49D0-A5EF-03F818A6DC11",
              "versionEndExcluding": "5.18.18",
              "versionStartIncluding": "5.16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1A2A5A5-4598-4D7E-BA07-4660398D6C8F",
              "versionEndExcluding": "5.19.2",
              "versionStartIncluding": "5.19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Align upwards buffer size\n\nThe hardware can support any image size WxH,\nwith arbitrary W (image width) and H (image height) dimensions.\n\nAlign upwards buffer size for both encoder and decoder.\nand leave the picture resolution unchanged.\n\nFor decoder, the risk of memory out of bounds can be avoided.\nFor both encoder and decoder, the driver will lift the limitation of\nresolution alignment.\n\nFor example, the decoder can support jpeg whose resolution is 227x149\nthe encoder can support nv12 1080P, won\u0027t change it to 1920x1072."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: imx-jpeg: Alinear hacia arriba el tama\u00f1o del b\u00fafer. El hardware puede admitir cualquier tama\u00f1o de imagen (ancho x alto), con dimensiones arbitrarias de ancho y alto. Alinear hacia arriba el tama\u00f1o del b\u00fafer tanto para el codificador como para el decodificador y dejar la resoluci\u00f3n de la imagen sin cambios. Para el decodificador, se puede evitar el riesgo de memoria fuera de los l\u00edmites. Tanto para el codificador como para el decodificador, el controlador eliminar\u00e1 la limitaci\u00f3n de la alineaci\u00f3n de la resoluci\u00f3n. Por ejemplo, el decodificador puede admitir jpeg cuya resoluci\u00f3n es de 227x149, el codificador puede admitir nv12 1080P, no lo cambiar\u00e1 a 1920x1072."
    }
  ],
  "id": "CVE-2022-50182",
  "lastModified": "2025-11-19T12:52:11.973",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-06-18T11:15:48.700",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/447795ffb17cd60bb544e0abfc9399e180a14a2f"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/73d1836ed7911953182b787745cb8c5857a2661c"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/9ae2d729de6350c53a06c57782751d84eb2c08d9"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/9e7aa76cdb02923ee23a0ddd48f38bdc3512f92b"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.