CVE-2022-50580

medium

Description

In the Linux kernel, the following vulnerability has been resolved:

blk-throttle: prevent overflow while calculating wait time

There is a problem found by code review in tg_with_in_bps_limit() that 'bps_limit * jiffy_elapsed_rnd' might overflow. Fix the problem by calling mul_u64_u64_div_u64() instead.
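The arithmetic behind the fix, as an added user-space example (not the kernel's code): the 64-bit product 'bps_limit * jiffy_elapsed_rnd' wraps before the division, while a 128-bit intermediate, which is what mul_u64_u64_div_u64() provides, keeps the result exact. Assumptions: the divisor HZ_ASSUMED, the `_model` helper, the function names and the sample values are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: tick rate used as the divisor; the page does not state it. */
#define HZ_ASSUMED 1000ULL

/* Pre-fix pattern: the u64 product wraps modulo 2^64 before the divide. */
static uint64_t bytes_allowed_wrapping(uint64_t bps_limit, uint64_t jiffy_elapsed_rnd)
{
    return (bps_limit * jiffy_elapsed_rnd) / HZ_ASSUMED;
}

/* User-space stand-in for the kernel's mul_u64_u64_div_u64(a, b, c):
 * computes a * b / c with a 128-bit intermediate product. */
static uint64_t mul_u64_u64_div_u64_model(uint64_t a, uint64_t b, uint64_t c)
{
    return (uint64_t)(((unsigned __int128)a * b) / c);
}

/* Post-fix pattern: same formula, no intermediate wrap. */
static uint64_t bytes_allowed_wide(uint64_t bps_limit, uint64_t jiffy_elapsed_rnd)
{
    return mul_u64_u64_div_u64_model(bps_limit, jiffy_elapsed_rnd, HZ_ASSUMED);
}

/* Returns 1 when a * b does not fit in 64 bits (useful as an audit check). */
static int product_wraps(uint64_t a, uint64_t b)
{
    uint64_t tmp;
    return __builtin_mul_overflow(a, b, &tmp) ? 1 : 0;
}

int main(void)
{
    /* Constructed inputs: a very large limit and a modest one. */
    uint64_t limits[] = { 1ULL << 60, 1048576ULL };
    uint64_t elapsed = 100; /* constructed jiffy_elapsed_rnd */

    for (size_t i = 0; i < sizeof(limits) / sizeof(limits[0]); i++) {
        printf("bps_limit=%llu wraps=%d wrapping=%llu wide=%llu\n",
               (unsigned long long)limits[i],
               product_wraps(limits[i], elapsed),
               (unsigned long long)bytes_allowed_wrapping(limits[i], elapsed),
               (unsigned long long)bytes_allowed_wide(limits[i], elapsed));
    }
    return 0;
}
```

The same `__builtin_mul_overflow` check is a quick way to audit other rate or quota calculations that multiply a configured limit by an elapsed-time value in a fixed-width type.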

References

https://git.kernel.org/stable/c/cc6f0855bf8d9b729df28ff443ced7350c380dbd

https://git.kernel.org/stable/c/ca67b0563b39e79290c23e509319c178b9ca9104

https://git.kernel.org/stable/c/8d6bbaada2e0a65f9012ac4c2506460160e7237a

https://git.kernel.org/stable/c/70b2adb1d698fbc63d3b3848c452524dc15872c5

https://git.kernel.org/stable/c/19c010ae44f0ce52b5436080492a61a092ee0cf4

Details

Source: Mitre, NVD

Published: 2025-10-22

Updated: 2025-10-22

Risk Information

CVSS v2

Base Score: 5.2

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Severity: Medium

EPSS

EPSS: 0.00018