VYPR
Unrated severityNVD Advisory· Published Dec 30, 2025· Updated Apr 15, 2026

CVE-2022-50876

CVE-2022-50876

Description

In the Linux kernel, the following vulnerability has been resolved:

usb: musb: Fix musb_gadget.c rxstate overflow bug

The usb function device call musb_gadget_queue() adds the passed request to musb_ep::req_list,If the (request->length > musb_ep->packet_sz) and (is_buffer_mapped(req) return false),the rxstate() will copy all data in fifo to request->buf which may cause request->buf out of bounds.

Fix it by add the length check : fifocnt = min_t(unsigned, request->length - request->actual, fifocnt);

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

80

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.