CVE-2022-50165

high

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` Commit 7a4836560a61 changes simple_write_to_buffer() with memdup_user() but it forgets to change the value to be returned that came from simple_write_to_buffer() call. It results in the following warning: warning: variable 'rc' is uninitialized when used here [-Wuninitialized] return rc; ^~ Remove rc variable and just return the passed in length if the memdup_user() succeeds.

References

https://git.kernel.org/stable/c/d578e0af3a003736f6c440188b156483d451b329

https://git.kernel.org/stable/c/d4742c886043b69d2d058bfde3998ef333b66595

https://git.kernel.org/stable/c/c9fde3a44da566d8929070ab6bda4f0dfa9955d0

https://git.kernel.org/stable/c/b13c84e877d7a3095bacb14665db304b2c00e95f

https://git.kernel.org/stable/c/6c5fee83bdbeffe8d607d1ab125122a75f40bd1a

https://git.kernel.org/stable/c/689e5caf63e99e15d2f485ec297c1bf9243e0e28

https://git.kernel.org/stable/c/52b11a48cf073e0aab923ae809a765d756cecf13

https://git.kernel.org/stable/c/409bd72e544fdf4809ea0dac337bb5a1f11a25a9

Details

Source: Mitre, NVD

Published: 2025-06-18

Updated: 2025-06-18

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Severity: High

EPSS

EPSS: 0.00024