Linux Kernel Vulnerability in Unicode Screen Buffer Initialization
CVE-2022-50222
Currently unrated
What is CVE-2022-50222?
A vulnerability in the Linux kernel allows an information leak in the virtual console system. When the Unicode screen buffer is resized, the buffer can be read immediately after the operation. Because the buffer is not properly initialized, that read discloses uninitialized memory, which may contain sensitive data. The fix initializes the buffer by allocating it with kzalloc(); developers are encouraged to update to a kernel version that includes it.
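The following user-space model is an added example, not kernel code or code from the fix. It shows why a resized buffer allocated without zeroing exposes a previous owner's data while a zeroed allocation does not. The recycled `arena`, the `STALE` marker, and a `resize()` that copies only the overlapping region are assumptions chosen to make the effect deterministic.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ARENA_CELLS 64
#define STALE 0x53454352u            /* constructed marker: previous owner's data */
static uint32_t arena[ARENA_CELLS];  /* one recycled allocation, never cleared on free */
typedef uint32_t *(*alloc_fn)(size_t cells);

/* kmalloc()-like: returns memory with whatever the last user left in it */
static uint32_t *alloc_raw(size_t cells) { return cells <= ARENA_CELLS ? arena : NULL; }

/* kzalloc()-like: same memory, zeroed before it is handed out */
static uint32_t *alloc_zeroed(size_t cells)
{
    uint32_t *p = alloc_raw(cells);
    if (p) memset(p, 0, cells * sizeof *p);
    return p;
}

/* Assumed resize: allocate the new grid, copy only the overlapping region */
static uint32_t *resize(const uint32_t *old, unsigned orows, unsigned ocols,
                        unsigned nrows, unsigned ncols, alloc_fn alloc)
{
    uint32_t *n = alloc((size_t)nrows * ncols);
    unsigned rows = orows < nrows ? orows : nrows;
    unsigned cols = ocols < ncols ? ocols : ncols;
    for (unsigned r = 0; n && r < rows; r++)
        memcpy(n + (size_t)r * ncols, old + (size_t)r * ocols, cols * sizeof *n);
    return n;
}

/* Cells a reader would see right after resize that still hold the marker */
static size_t leak_after_resize(alloc_fn alloc)
{
    uint32_t old[2 * 4];
    size_t stale = 0;
    for (unsigned i = 0; i < 8u; i++) old[i] = 'A' + i;            /* 2x4 screen */
    for (unsigned i = 0; i < ARENA_CELLS; i++) arena[i] = STALE;   /* earlier use */
    uint32_t *n = resize(old, 2, 4, 4, 8, alloc);                  /* grow to 4x8 */
    for (unsigned i = 0; n && i < 32u; i++) stale += (n[i] == STALE);
    return stale;
}

int main(void)
{
    printf("raw: %zu stale cells readable, zeroed: %zu\n",
           leak_after_resize(alloc_raw), leak_after_resize(alloc_zeroed));
    return 0;
}
```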
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5c6c65681f39bf71bc72ed589dec3b8b20e75cac