CVE-2022-49478

HIGH 7.8

media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init Syzbot reported that -1 is used as array index. The problem was in missing validation check. hdw->unit_number is initialized with -1 and then if init table walk fails this value remains unchanged. Since code blindly uses this member for array indexing adding sanity check is the easiest fix for that. hdw->workpoll initialization moved upper to prevent warning in __flush_work.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Feb 26, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

d855497edbfbf9e19a17f4a1154bca69cb4bd9ba < 4351bfe36aba9fa7dc9d68d498d25d41a0f45e67 d855497edbfbf9e19a17f4a1154bca69cb4bd9ba < 2e004fe914b243db41fa96f9e583385f360ea58e d855497edbfbf9e19a17f4a1154bca69cb4bd9ba < a3660e06675bccec4bf149c7229ea1d491ba10d7 d855497edbfbf9e19a17f4a1154bca69cb4bd9ba < 1310fc3538dcc375a2f46ef0a438512c2ca32827 d855497edbfbf9e19a17f4a1154bca69cb4bd9ba < a3304766d9384886e6d3092c776273526947a2e9 d855497edbfbf9e19a17f4a1154bca69cb4bd9ba < 3309c2c574e13b21b44729f5bdbf21f60189b79a d855497edbfbf9e19a17f4a1154bca69cb4bd9ba < f99a8b1ec0eddc2931aeaa4f490277a15b39f511 d855497edbfbf9e19a17f4a1154bca69cb4bd9ba < 24e807541e4a9263ed928e6ae3498de3ad43bd1e d855497edbfbf9e19a17f4a1154bca69cb4bd9ba < 471bec68457aaf981add77b4f590d65dd7da1059

Linux / Linux

2.6.18

References

NVD ↗ CVE.org ↗ EPSS Data ↗