DEBIAN-CVE-2022-50222
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-50222
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-50222.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-50222
- Upstream
- Published
- 2025-06-18T11:15:53Z
- Modified
- 2025-09-30T05:16:00.394838Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcsread() [1], for buffer can be read immediately after resize operation. Initialize buffer using kzalloc(). ---------- #include <fcntl.h> #include <unistd.h> #include <sys/ioctl.h> #include <linux/fb.h> int main(int argc, char *argv[]) { struct fbvarscreeninfo var = { }; const int fbfd = open("/dev/fb0", 3); ioctl(fbfd, FBIOGETVSCREENINFO, &var); var.yres = 0x21; ioctl(fbfd, FBIOPUTVSCREENINFO, &var); return read(open("/dev/vcsu", O_RDONLY), &var, sizeof(var)) == -1; } ----------
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.140-1
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source