CVE-2022-50165

low-risk

Published 2025-06-18

In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix uninitialized variable use in `wil_write_file_wmi()` Commit 7a4836560a61 changes simple_write_to_buffer() with memdup_user() but it forgets to change the value to be returned that came from simple_write_to_buffer() call. It results in the following warning: warning: variable 'rc' is uninitialized when used here [-Wuninitialized] return rc; ^~ Remove rc variable and just return the passed in length if the memdup_user() succeeds.

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (8)

Patch https://git.kernel.org/stable/c/409bd72e544fdf4809ea0dac337bb5a1f11a25a9

Patch https://git.kernel.org/stable/c/52b11a48cf073e0aab923ae809a765d756cecf13

Patch https://git.kernel.org/stable/c/689e5caf63e99e15d2f485ec297c1bf9243e0e28

Patch https://git.kernel.org/stable/c/6c5fee83bdbeffe8d607d1ab125122a75f40bd1a

Patch https://git.kernel.org/stable/c/b13c84e877d7a3095bacb14665db304b2c00e95f

Patch https://git.kernel.org/stable/c/c9fde3a44da566d8929070ab6bda4f0dfa9955d0

Patch https://git.kernel.org/stable/c/d4742c886043b69d2d058bfde3998ef333b66595

Patch https://git.kernel.org/stable/c/d578e0af3a003736f6c440188b156483d451b329

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal