Stack Overflow in Linux Kernel's QoS Configuration Buffer by Hisilicon
CVE-2022-50407

5.5 MEDIUM

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 18 September 2025

What is CVE-2022-50407?

A vulnerability in the Linux kernel's Hisilicon QM module allows a potential stack overflow because the length of the 'val buffer' is not sufficiently checked during QoS configuration. The buffer is currently only 32 bytes long, while the maximum expected length is 256 bytes. This oversight can lead to memory corruption, with the security implications that follow from it.
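The size mismatch described above, as an added userspace example (not the kernel's code and not the upstream fix): a parser that rejects any value token that cannot fit a 32-byte destination when the input may be up to 256 bytes. The function name `qos_parse_val`, the macro names and the whitespace-delimited token format are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <ctype.h>

#define QOS_IN_MAX  256  /* maximum expected input length (from the CVE text) */
#define QOS_VAL_LEN 32   /* size of the 'val buffer' (from the CVE text) */

/* Assumed unsafe pattern, shown for contrast only and never executed here:
 *     char val[QOS_VAL_LEN];
 *     sscanf(in, "%s", val);   // no field width: a long token overruns val
 */

/* Hypothetical helper: copy the first whitespace-delimited token of `in`
 * into `val`. Returns the token length, or -EINVAL when the input is too
 * long, empty, or the token plus its NUL does not fit in val_len bytes. */
int qos_parse_val(const char *in, char *val, size_t val_len)
{
    size_t in_len = 0, start = 0, end;

    while (in_len <= QOS_IN_MAX && in[in_len] != '\0')
        in_len++;
    if (val_len == 0 || in_len > QOS_IN_MAX)
        return -EINVAL;
    while (start < in_len && isspace((unsigned char)in[start]))
        start++;
    end = start;
    while (end < in_len && !isspace((unsigned char)in[end]))
        end++;
    if (end == start || end - start >= val_len)
        return -EINVAL;          /* reject instead of truncating silently */
    memcpy(val, in + start, end - start);
    val[end - start] = '\0';
    return (int)(end - start);
}

int main(void)
{
    char val[QOS_VAL_LEN];
    char big[QOS_IN_MAX];        /* constructed sample: 255 'A' characters */

    memset(big, 'A', sizeof(big) - 1);
    big[sizeof(big) - 1] = '\0';
    printf("short token: %d\n", qos_parse_val("  1000\n", val, sizeof(val)));
    printf("oversized token: %d\n", qos_parse_val(big, val, sizeof(val)));
    return 0;
}
```
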

Affected Version(s)

Linux 263c9959c9376ec0217d6adc61222a53469eed3c < 34c4f8ad45b4ea814c7ecc3f23a2d292959d5a52

Linux 263c9959c9376ec0217d6adc61222a53469eed3c

Linux 263c9959c9376ec0217d6adc61222a53469eed3c < 3efe90af4c0c46c58dba1b306de142827153d9c0

CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
