CVE-2022-50052
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-11-13
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | 6.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a potential buffer overflow in the Linux kernel's ASoC Intel avs component caused by the use of snprintf(). snprintf() returns the size that would have been written if the buffer were large enough, not the size actually written, so using this value incorrectly can lead to a buffer overflow. The issue was fixed by replacing snprintf() with scnprintf(), which returns the number of characters actually written to the buffer, preventing the overflow.
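The return-value difference described above, shown as an added userspace example (not the kernel's or the driver's code). `scnprintf_demo` is a hypothetical stand-in for the kernel's scnprintf(), and the 16-byte buffer, the append loop and the input strings are constructed for illustration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

#define DEMO_BUF 16 /* constructed size, not taken from the driver */

/* Hypothetical stand-in for the kernel's scnprintf(): returns the number of
 * characters actually stored in buf, excluding the trailing NUL. */
static int scnprintf_demo(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (size == 0)
        return 0;
    va_start(ap, fmt);
    n = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    if (n < 0)
        return 0;
    return (size_t)n >= size ? (int)(size - 1) : n;
}

/* snprintf() returns the would-be length, so the running offset can pass the
 * end of buf. The loop guard stops the demo before any out-of-bounds write. */
static size_t offset_with_snprintf(const char *const *parts, size_t count)
{
    char buf[DEMO_BUF];
    size_t len = 0, i;
    for (i = 0; i < count && len < sizeof(buf); i++)
        len += (size_t)snprintf(buf + len, sizeof(buf) - len, "%s", parts[i]);
    return len;
}

/* Same loop with scnprintf semantics: the offset stays below sizeof(buf). */
static size_t offset_with_scnprintf(const char *const *parts, size_t count)
{
    char buf[DEMO_BUF];
    size_t len = 0, i;
    for (i = 0; i < count; i++)
        len += (size_t)scnprintf_demo(buf + len, sizeof(buf) - len, "%s", parts[i]);
    return len;
}

/* Constructed sample input: three appends that together exceed DEMO_BUF. */
static const char *const demo_parts[] = { "0123456789", "abcdefghij", "XYZ" };

int main(void)
{
    printf("snprintf offset %zu, scnprintf offset %zu, buffer %d\n",
           offset_with_snprintf(demo_parts, 3), offset_with_scnprintf(demo_parts, 3), DEMO_BUF);
    return 0;
}
```

With the snprintf() offset past the end of the buffer, a further `sizeof(buf) - len` would wrap to a very large size_t, which is why the demo loop stops instead of making the next call.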
How can this vulnerability impact me?
The vulnerability could potentially lead to a buffer overflow in the affected Linux kernel component. Although described as unrealistic, such a buffer overflow could cause memory corruption, crashes, or potentially allow an attacker to execute arbitrary code, impacting system stability and security.