CVE-2022-50763

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> crypto: marvell/octeontx - prevent integer overflows<br /> <br /> The "code_length" value comes from the firmware file. If your firmware<br /> is untrusted realistically there is probably very little you can do to<br /> protect yourself. Still we try to limit the damage as much as possible.<br /> Also Smatch marks any data read from the filesystem as untrusted and<br /> prints warnings if it not capped correctly.<br /> <br /> The "code_length * 2" can overflow. The round_up(ucode_size, 16) +<br /> sizeof() expression can overflow too. Prevent these overflows.