CVE-2022-50222
BaseFortify

Publication date: 2025-06-18

Last updated on: 2025-11-19

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

tty: vt: initialize unicode screen buffer

syzbot reports kernel infoleak at vcs_read() [1], for buffer can be read immediately after resize operation. Initialize buffer using kzalloc().

----------
#include <fcntl.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <linux/fb.h>

int main(int argc, char *argv[])
{
	struct fb_var_screeninfo var = { };
	const int fb_fd = open("/dev/fb0", 3);
	ioctl(fb_fd, FBIOGET_VSCREENINFO, &var);
	var.yres = 0x21;
	ioctl(fb_fd, FBIOPUT_VSCREENINFO, &var);
	return read(open("/dev/vcsu", O_RDONLY), &var, sizeof(var)) == -1;
}
----------

Meta Information
Published: 2025-06-18
Last Modified: 2025-11-19
Generated: 2026-05-07
AI Q&A: 2025-06-18
EPSS Evaluated: 2026-05-05
NVD
Affected Vendors & Products
Showing 6 associated CPEs
Vendor    Product         Version / Range
linux     linux_kernel    From 5.15.160 (inc) to 5.16 (inc)
linux     linux_kernel    From 5.15.160 (inc) to 5.16 (inc)
linux     linux_kernel    From 5.15.160 (inc) to 5.16 (inc)
linux     linux_kernel    From 5.15.160 (inc) to 5.16 (inc)
linux     linux_kernel    From 5.15.160 (inc) to 5.16 (inc)
linux     linux_kernel    From 5.15.160 (inc) to 5.16 (inc)
CWE
CWE ID Description
CWE-NVD-CWE-noinfo
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the Linux kernel involves an information leak in the virtual console subsystem (vcs_read()). After a resize operation, the unicode screen buffer was not properly initialized, allowing the buffer to be read immediately and potentially exposing sensitive kernel memory contents. The fix involved initializing the buffer using kzalloc() to clear its contents before use.


How can this vulnerability impact me?

This vulnerability can lead to an information leak where sensitive data from kernel memory could be exposed to an unprivileged user reading from the virtual console device. This could potentially aid attackers in gathering information useful for further attacks or privilege escalation.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking whether the system's Linux kernel is affected by the infoleak at vcs_read() after a resize operation. The code snippet in the description demonstrates one way to test for it: it opens the framebuffer device /dev/fb0, uses ioctl calls to change the screen info, and then reads from /dev/vcsu. Running a similar sequence of open, ioctl and read calls can help detect the vulnerability.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability is mitigated by updating the Linux kernel to a version where the unicode screen buffer is properly initialized using kzalloc(), preventing the infoleak. Therefore, the immediate step is to apply the kernel update or patch that includes this fix.

