CVE-2022-50781

high

Description

In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is capped at 2 but not checked for negative values so it results in an out of bounds read. This value comes from the user via sysfs.

References

https://git.kernel.org/stable/c/f289a38df0da4cfe4b50d04b1b9c3bc646fecd57

https://git.kernel.org/stable/c/d27252b5706e51188aed7647126e44dcf9e940c1

https://git.kernel.org/stable/c/a03625ad11b50429930f4c491d6c97e70f2ba89a

https://git.kernel.org/stable/c/85273b4a7076ed5328c8ace02234e4e7e10972d5

https://git.kernel.org/stable/c/8084bd0a64e278314b733993f388d83a86aa1183

https://git.kernel.org/stable/c/4d3dc0de9c46d9f73be6bac026e40b893e37ea21

Details

Source: Mitre, NVD

Published: 2025-12-24

Updated: 2025-12-29

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High

EPSS

EPSS: 0.00024