CVE-2022-50051
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-11-13
Assigner: kernel.org
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | 6.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a potential buffer overflow in the Linux kernel's ASoC SOF debug component, caused by the use of snprintf(). snprintf() returns the size that would have been written if the buffer were large enough, not the size actually written, so code that treats the return value as the written length can move past the end of the buffer. The issue is addressed by replacing snprintf() with a safer function, scnprintf(), to prevent this potential overflow.
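The return-value difference described above, as an added user-space example (not the kernel's SOF debug code): `demo_scnprintf()` is a hypothetical stand-in for the kernel's scnprintf(), and the buffer size and entry strings are constructed. The snprintf() loop stops as soon as its offset leaves the buffer, so the example reports the bad offset without performing the out-of-bounds write.

```c
#include <stdarg.h>
#include <stdio.h>

#define BUF_SIZE 32  /* constructed size; each entry below is 9 characters */

/* User-space stand-in for the kernel's scnprintf(): returns the number of
 * characters actually stored (excluding the NUL), at most size - 1. */
static int demo_scnprintf(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;
    if (size == 0)
        return 0;
    va_start(ap, fmt);
    n = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    if (n < 0)
        return 0;
    return (size_t)n >= size ? (int)(size - 1) : n;
}

/* Accumulates snprintf()'s return value as if it were the written length.
 * The loop stops once the offset is out of range, so the demo itself never
 * performs the out-of-bounds write; it only reports the offset. */
static size_t offset_with_snprintf(int count)
{
    char buf[BUF_SIZE];
    size_t len = 0;
    for (int i = 0; i < count && len < sizeof(buf); i++)
        len += (size_t)snprintf(buf + len, sizeof(buf) - len, "entry-%02d;", i);
    return len;
}

/* Same loop with the clamped return value: the offset stays inside buf. */
static size_t offset_with_scnprintf(int count)
{
    char buf[BUF_SIZE];
    size_t len = 0;
    for (int i = 0; i < count; i++)
        len += (size_t)demo_scnprintf(buf + len, sizeof(buf) - len, "entry-%02d;", i);
    return len;
}

int main(void)
{
    printf("snprintf offset:  %zu of %d\n", offset_with_snprintf(6), BUF_SIZE);
    printf("scnprintf offset: %zu of %d\n", offset_with_scnprintf(6), BUF_SIZE);
    return 0;
}
```

With the snprintf() offset past the end of the buffer, a further call would receive a pointer outside it and a remaining size that wraps around as an unsigned value, which is the CWE-787 condition listed above.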
How can this vulnerability impact me?
The vulnerability could lead to a buffer overflow in the Linux kernel's ASoC SOF debug code, which might cause unexpected behavior or crashes. Although the overflow is described as unrealistic, if exploited, it could potentially affect system stability or security.