CVE-2022-50097

HIGH EPSS 6.0%
Published Jun 18, 20251y ago · Modified Jun 17, 20262w ago
7.8 CVSS 3.1
High
Find Similar
Published Jun 18, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memset_io() In the function s3fb_set_par(), the value of 'screen_size' is calculated by the user input. If the user provides the improper value, the value of 'screen_size' may larger than 'info->screen_size', which may cause the following bug: [ 54.083733] BUG: unable to handle page fault for address: ffffc90003000000 [ 54.083742] #PF: supervisor write access in kernel mode [ 54.083744] #PF: error_code(0x0002) - not-present page [ 54.083760] RIP: 0010:memset_orig+0x33/0xb0 [ 54.083782] Call Trace: [ 54.083788] s3fb_set_par+0x1ec6/0x4040 [ 54.083806] fb_set_var+0x604/0xeb0 [ 54.083836] do_fb_ioctl+0x234/0x670 Fix the this by checking the value of 'screen_size' before memset_io().

CVSS Details

Base Score
7.8
Exploitability
1.8
Impact
5.9
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
6.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥2.6.21  –  <4.14.291
linuxlinux_kernel*≥4.15  –  <4.19.256
linuxlinux_kernel*≥4.20  –  <5.4.211
linuxlinux_kernel*≥5.5  –  <5.10.137
linuxlinux_kernel*≥5.11  –  <5.15.61
linuxlinux_kernel*≥5.16  –  <5.18.18
linuxlinux_kernel*≥5.19  –  <5.19.2

References 8

  • git.kernel.org https://git.kernel.org/stable/c/3c35a0dc2b4e7acf24c796043b64fa3eee799239
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/52461d387cc8c8f8dc40320caa2e9e101f73e7ba
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/574912261528589012b61f82d368256247c3a5a8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5e0da18956d38e7106664dc1d06367b22f06edd3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6ba592fa014f21f35a8ee8da4ca7b95a018f13e8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ce50d94afcb8690813c5522f24cd38737657db81
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e2d7cacc6a2a1d77e7e20a492daf458a12cf19e0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eacb50f1733660911827d7c3720f4c5425d0cdda
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/3c35a0dc2b4e7acf24c796043b64fa3eee799239
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/52461d387cc8c8f8dc40320caa2e9e101f73e7ba
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/574912261528589012b61f82d368256247c3a5a8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5e0da18956d38e7106664dc1d06367b22f06edd3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6ba592fa014f21f35a8ee8da4ca7b95a018f13e8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ce50d94afcb8690813c5522f24cd38737657db81
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e2d7cacc6a2a1d77e7e20a492daf458a12cf19e0
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/eacb50f1733660911827d7c3720f4c5425d0cdda
    Patch