CVE-2022-50222
Published: Jun 18, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

tty: vt: initialize unicode screen buffer

syzbot reports kernel infoleak at vcs_read() [1], for buffer can be read immediately after resize operation. Initialize buffer using kzalloc().

```c
#include <fcntl.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <linux/fb.h>

int main(int argc, char *argv[])
{
	struct fb_var_screeninfo var = { };
	const int fb_fd = open("/dev/fb0", 3);
	ioctl(fb_fd, FBIOGET_VSCREENINFO, &var);
	var.yres = 0x21;
	ioctl(fb_fd, FBIOPUT_VSCREENINFO, &var);
	return read(open("/dev/vcsu", O_RDONLY), &var, sizeof(var)) == -1;
}
```
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected d8ae7242718738ee1bf9bfdd632d2a4b150fdd26 - < e02fa87e572bb7d90dcdbce9c0f519f1eb992e96; affected d8ae7242718738ee1bf9bfdd632d2a4b150fdd26 - < cc9e874dace0c89ae535230c7da19b764746811e; affected d8ae7242718738ee1bf9bfdd632d2a4b150fdd26 - < 5c6c65681f39bf71bc72ed589dec3b8b20e75cac; affected d8ae7242718738ee1bf9bfdd632d2a4b150fdd26 - < 446f123aa6021e5f75a20789f05ff3f7ae51a42f; affected d8ae7242718738ee1bf9bfdd632d2a4b150fdd26 - < 777a462e1ae50a01fc4a871efa8e34d596a1e17d; +2 more versions |
| Linux | Linux | affected 4.19; unaffected 0 - < 4.19; unaffected 4.19.256 - <= 4.19.*; unaffected 5.4.211 - <= 5.4.*; unaffected 5.10.137 - <= 5.10.*; +4 more versions |
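
The bug class in the description, as a user-space model added here (not kernel code and not part of the original record): a buffer that grows on resize is read back in full, and the added rows expose whatever the allocator left in them unless the allocation is zeroed. The toy pool, the `STALE` marker and the names `pool_alloc`, `screen_resize` and `stale_bytes_after_resize` are assumptions made for the illustration.

```c
#include <stdint.h>
#include <string.h>

#define STALE 0xA5              /* constructed marker for leftover heap contents */
static uint32_t pool[1024];     /* toy heap standing in for kernel memory */
static size_t pool_used;        /* cells handed out so far */

/* zero == 0: memory returned as-is; zero == 1: cleared first, as kzalloc() does */
static uint32_t *pool_alloc(size_t cells, int zero)
{
    uint32_t *p = pool + pool_used;
    if (cells > sizeof pool / sizeof pool[0] - pool_used)
        return NULL;
    pool_used += cells;
    if (zero) memset(p, 0, cells * sizeof *p);
    return p;
}

struct screen { size_t cols, rows; uint32_t *cells; };

/* Grow or shrink: new buffer, copy the rows that fit; added rows are not written. */
static int screen_resize(struct screen *s, size_t rows, int zero)
{
    size_t keep = rows < s->rows ? rows : s->rows;
    uint32_t *nw = pool_alloc(s->cols * rows, zero);
    if (!nw) return -1;
    if (keep) memcpy(nw, s->cells, s->cols * keep * sizeof *nw);
    s->cells = nw;
    s->rows = rows;
    return 0;
}

/* Resize, read the whole buffer back at once, count bytes still holding STALE. */
static size_t stale_bytes_after_resize(int zero)
{
    struct screen s = { 8, 0, NULL };
    size_t i, n, leaked = 0;
    memset(pool, STALE, sizeof pool);   /* earlier users left data behind */
    pool_used = 0;
    if (screen_resize(&s, 2, 1) || screen_resize(&s, 4, zero))
        return (size_t)-1;
    n = s.cols * s.rows * sizeof *s.cells;
    for (i = 0; i < n; i++)
        leaked += ((const uint8_t *)s.cells)[i] == STALE;
    return leaked;
}

int main(void) { return stale_bytes_after_resize(1) != 0; }
```

With the non-zeroing allocation the two added rows (64 bytes) come back carrying the marker; with the zeroing allocation none do.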