CVE-2022-50052

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential buffer overflow by snprintf() snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow (although it's unrealistic). This patch replaces it with a safer version, scnprintf() for papering over such a potential issue.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/840311a09f75632b9d41fbc1cd5c7aea94ce5f7e	Patch
https://git.kernel.org/stable/c/ca3b7b9dc9bc1fa552f4697b7cccfa0258a44d00	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.0:rc1::::::

History

13 Nov 2025, 18:41

Type	Values Removed	Values Added
CWE		CWE-787
References	~~() https://git.kernel.org/stable/c/840311a09f75632b9d41fbc1cd5c7aea94ce5f7e -~~	() https://git.kernel.org/stable/c/840311a09f75632b9d41fbc1cd5c7aea94ce5f7e - Patch
References	~~() https://git.kernel.org/stable/c/ca3b7b9dc9bc1fa552f4697b7cccfa0258a44d00 -~~	() https://git.kernel.org/stable/c/ca3b7b9dc9bc1fa552f4697b7cccfa0258a44d00 - Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
First Time		Linux linux Kernel Linux
CPE		cpe:2.3:o:linux:linux_kernel:6.0:rc1:::::: cpe:2.3:o:linux:linux_kernel::::::::

Information

Published : 2025-06-18 11:15

Updated : 2025-11-13 18:41

NVD link : CVE-2022-50052

Mitre link : CVE-2022-50052

CVE.ORG link : CVE-2022-50052

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2022-50052", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-06-18T11:15:33.833", "references": [{"url": "https://git.kernel.org/stable/c/840311a09f75632b9d41fbc1cd5c7aea94ce5f7e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ca3b7b9dc9bc1fa552f4697b7cccfa0258a44d00", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: avs: Fix potential buffer overflow by snprintf()\n\nsnprintf() returns the would-be-filled size when the string overflows\nthe given buffer size, hence using this value may result in a buffer\noverflow (although it's unrealistic).\n\nThis patch replaces it with a safer version, scnprintf() for papering\nover such a potential issue."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: Intel: avs: Correcci\u00f3n de un posible desbordamiento de b\u00fafer mediante snprintf(). snprintf() devuelve el tama\u00f1o que se espera que se llene cuando la cadena supera el tama\u00f1o de b\u00fafer especificado; por lo tanto, usar este valor puede provocar un desbordamiento de b\u00fafer (aunque esto no es realista). Este parche lo reemplaza con una versi\u00f3n m\u00e1s segura, scnprintf(), para disimular este posible problema."}], "lastModified": "2025-11-13T18:41:08.457", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B05B3A7-DED2-4B21-94AE-AE1F779C2A3D", "versionEndExcluding": "5.19.4", "versionStartIncluding": "5.19"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8BD11A3-8643-49B6-BADE-5029A0117325"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}