{"id":"CVE-2022-50575","summary":"xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nxen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()\n\nAs 'kdata.num' is user-controlled data, if user tries to allocate\nmemory larger than(\u003e=) MAX_ORDER, then kcalloc() will fail, it\ncreates a stack trace and messes up dmesg with a warning.\n\nCall trace:\n-\u003e privcmd_ioctl\n--\u003e privcmd_ioctl_mmap_resource\n\nAdd __GFP_NOWARN in order to avoid too large allocation warning.\nThis is detected by static analysis using smatch.","modified":"2026-04-02T08:28:38.389814Z","published":"2025-10-22T13:23:29.595Z","related":["SUSE-SU-2025:4111-1","SUSE-SU-2025:4139-1","SUSE-SU-2025:4149-1","SUSE-SU-2025:4320-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50575.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0bf874183b32eae2cc20e3c5be38ec3d33e7e564"},{"type":"WEB","url":"https://git.kernel.org/stable/c/46026bb057c35f5bb111bf95e00cd8366d2e34d4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4da411086f5ab32f811a89ef804980ec106ebb65"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4f983ee5e5de924d93a7bbb4e6f68f38c6256cd5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5d68ae32d132ea2af73bc223fd64c46f85302a8b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8b997b2bb2c53b76a6db6c195930e9ab8e4b0c79"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e0c5f1058ed96f2b7487560c4c4cbd768d13d065"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50575.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50575"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3ad0876554cafa368f574d4d408468510543e9ff"},{"fixed":"5d68ae32d132ea2af73bc223fd64c46f85302a8b"},{"fixed":"4f983ee5e5de924d93a7bbb4e6f68f38c6256cd5"},{"fixed":"46026bb057c35f5bb111bf95e00cd8366d2e34d4"},{"fixed":"0bf874183b32eae2cc20e3c5be38ec3d33e7e564"},{"fixed":"e0c5f1058ed96f2b7487560c4c4cbd768d13d065"},{"fixed":"4da411086f5ab32f811a89ef804980ec106ebb65"},{"fixed":"8b997b2bb2c53b76a6db6c195930e9ab8e4b0c79"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50575.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.18.0"},{"fixed":"4.19.270"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.229"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.163"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.86"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.0.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.1.0"},{"fixed":"6.1.2"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50575.json"}}],"schema_version":"1.7.5"}