SB2025100542 - Input validation error in Linux kernel thermal driver
Published: October 5, 2025 Updated: October 27, 2025
Security Bulletin ID
SB2025100542
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Input validation error (CVE-ID: CVE-2022-50494)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the start_power_clamp() function in drivers/thermal/intel_powerclamp.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0f91f66c568b316b19cb042cf50584467b3bdff4
- https://git.kernel.org/stable/c/3e799e815097febbcb81b472285be824f5d089f9
- https://git.kernel.org/stable/c/418fae0700e85a498062424f8656435c32cdb200
- https://git.kernel.org/stable/c/513943bf879d45005213e6f5cfb7d9e9943f589f
- https://git.kernel.org/stable/c/5614908434451aafbf9b24cb5247cf1d21269f76
- https://git.kernel.org/stable/c/5a646c38f648185ee2c62f2a19da3c6f04e27612
- https://git.kernel.org/stable/c/68b99e94a4a2db6ba9b31fe0485e057b9354a640
- https://git.kernel.org/stable/c/6904727db0eb62fb0c2dce1cf331c341d97ee4b7
- https://git.kernel.org/stable/c/6e2a347b304224b2aeb1c0ea000d1cf8a02cc592
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.19.17