Fixed

LIN1021-20288 : Security Advisory - linux - CVE-2022-50749

Created: Dec 25, 2025    Updated: Dec 27, 2025
Resolved Date: Dec 26, 2025
Found In Version: 10.21.20.2
Fix Version: 10.21.20.17
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

acct: fix potential integer overflow in encode_comp_t()

The integer overflow is described with the following code:
  > 317 static comp_t encode_comp_t(u64 value)
  > 318 {
  > 319         int exp, rnd;
    ......
  > 341         exp <<= MANTSIZE;
  > 342         exp += value;
  > 343         return exp;
  > 344 }

Currently comp_t is defined as type '__u16', but the variable 'exp' is
of type 'int', so overflow would happen when the variable 'exp' in line 343
is greater than 65535.
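
The truncation described above can be reproduced in user space. This is an added example, not the kernel source or the upstream patch: it assumes the comp_t layout of a 3-bit base-8 exponent above a 13-bit mantissa (MANTSIZE 13, EXPSIZE 3), and the names reduce, encode_truncating, encode_saturating and decode are hypothetical. It goes beyond the excerpt by adding a saturating variant and a decoder so the effect on the recorded value is visible.

```c
#include <stdint.h>
#include <stdio.h>
typedef uint16_t comp_t;               /* the advisory: comp_t is '__u16' */
#define MANTSIZE 13                    /* assumed: 13-bit mantissa */
#define EXPSIZE  3                     /* assumed: 3-bit base-8 exponent */
#define MAXFRACT ((1 << MANTSIZE) - 1)
/* Shrink *value until it fits the mantissa; return the base-8 exponent. */
static int reduce(uint64_t *value)
{
    int exp = 0, rnd = 0;
    while (*value > MAXFRACT) {
        rnd = (int)(*value & (1 << (EXPSIZE - 1)));  /* remember round-up bit */
        *value >>= EXPSIZE;
        exp++;
    }
    if (rnd && ++*value > MAXFRACT) {                /* rounding carried out */
        *value >>= EXPSIZE;
        exp++;
    }
    return exp;
}

comp_t encode_truncating(uint64_t value)   /* behaviour the advisory describes */
{
    int exp = reduce(&value);
    exp <<= MANTSIZE;
    exp += (int)value;
    return (comp_t)exp;                /* int narrowed to 16 bits: high bits lost */
}

comp_t encode_saturating(uint64_t value)   /* hardened variant (assumption) */
{
    int exp = reduce(&value);
    if (exp > (UINT16_MAX >> MANTSIZE))    /* exponent needs more than 3 bits */
        return UINT16_MAX;
    return (comp_t)((exp << MANTSIZE) + (int)value);
}

uint64_t decode(comp_t c)                  /* value a reader of the record sees */
{
    return (uint64_t)(c & MAXFRACT) << (EXPSIZE * (c >> MANTSIZE));
}

int main(void)
{
    uint64_t v = 1ULL << 34;               /* constructed input */
    printf("truncating=%d saturating=%d\n", encode_truncating(v), encode_saturating(v));
    return 0;
}
```

For the constructed input 2^34 the truncating encoder records 1024, which decodes to 1024, while the saturating encoder records the largest comp_t.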