CVE-2022-50050
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-11-13
Assigner: kernel.org
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | 6.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a potential buffer overflow in the Linux kernel's ASoC: SOF: Intel: hda component caused by the use of snprintf(). snprintf() returns the size that would have been written if the buffer was large enough, which can lead to a buffer overflow if this value is used improperly. The issue is addressed by replacing snprintf() with a safer function, scnprintf(), to prevent this potential overflow.
How can this vulnerability impact me?
The vulnerability could potentially lead to a buffer overflow in the affected Linux kernel component, which might cause unexpected behavior such as crashes or memory corruption. However, the description notes that such an overflow is unrealistic, implying the practical impact may be limited.
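The snprintf() return-value behaviour described in the first answer, shown as an added userspace example (not the kernel's code and not the actual hda change). It assumes the return value is kept as a running offset into the buffer, and `scn_printf` is a hypothetical stand-in for the kernel-only scnprintf().

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace stand-in (hypothetical name) for the kernel's scnprintf():
 * returns the characters actually stored, excluding the trailing NUL. */
static int scn_printf(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;
    if (size == 0)
        return 0;
    va_start(ap, fmt);
    n = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    if (n < 0)
        return 0;
    return (size_t)n >= size ? (int)(size - 1) : n;
}

/* Running offset kept with snprintf(): it counts bytes that were never
 * stored, so it can end up beyond the end of the buffer. */
size_t offset_with_snprintf(char *buf, size_t size, const char *a, const char *b)
{
    size_t len = 0;
    len += (size_t)snprintf(buf + len, size - len, "%s", a);
    /* Guard added for this demo only: without it, buf + len would point
     * past the buffer and size - len would wrap to a huge size_t. */
    if (len < size)
        len += (size_t)snprintf(buf + len, size - len, "%s", b);
    return len;
}

/* Same appends with scnprintf() semantics: the offset never passes size - 1. */
size_t offset_with_scnprintf(char *buf, size_t size, const char *a, const char *b)
{
    size_t len = 0;
    len += (size_t)scn_printf(buf + len, size - len, "%s", a);
    len += (size_t)scn_printf(buf + len, size - len, "%s", b);
    return len;
}

int main(void)
{
    char buf[8]; /* constructed sample: 8-byte buffer, 10-character input */
    printf("snprintf:  %zu\n", offset_with_snprintf(buf, sizeof buf, "0123456789", "ab"));
    printf("scnprintf: %zu\n", offset_with_scnprintf(buf, sizeof buf, "0123456789", "ab"));
    return 0;
}
```

With the constructed 10-character input and an 8-byte buffer, the snprintf() offset ends at 10 while the scnprintf()-style offset stops at 7, the last position that still leaves room for the terminator.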