CVE-2022-50052

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-50052
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50052.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-50052
Downstream
Related
Published
2025-06-18T11:01:52Z
Modified
2025-10-21T11:42:46.114709Z
Summary
ASoC: Intel: avs: Fix potential buffer overflow by snprintf()
Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: Intel: avs: Fix potential buffer overflow by snprintf()

snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow (although it's unrealistic).

This patch replaces it with a safer version, scnprintf() for papering over such a potential issue.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f1b3b320bd6519b16e3480f74f2926d106e3bcba
Fixed
840311a09f75632b9d41fbc1cd5c7aea94ce5f7e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f1b3b320bd6519b16e3480f74f2926d106e3bcba
Fixed
ca3b7b9dc9bc1fa552f4697b7cccfa0258a44d00

Affected versions

v5.*

v5.18
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.19.1
v5.19.2
v5.19.3

Database specific

vanir_signatures

[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ca3b7b9dc9bc1fa552f4697b7cccfa0258a44d00",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "18094358285949125156685640511958520854",
                "319925860291603014337297262848811564870",
                "186789772448050164798495148083265002910",
                "245911522132221502338830347804210766561",
                "76339753255650095891093093857798243839"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "sound/soc/intel/avs/pcm.c"
        },
        "id": "CVE-2022-50052-d914302e",
        "signature_version": "v1",
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@840311a09f75632b9d41fbc1cd5c7aea94ce5f7e",
        "deprecated": false,
        "digest": {
            "line_hashes": [
                "18094358285949125156685640511958520854",
                "319925860291603014337297262848811564870",
                "186789772448050164798495148083265002910",
                "245911522132221502338830347804210766561",
                "76339753255650095891093093857798243839"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "sound/soc/intel/avs/pcm.c"
        },
        "id": "CVE-2022-50052-de45276a",
        "signature_version": "v1",
        "signature_type": "Line"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.19.0
Fixed
5.19.4