CVE-2022-50051

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: SOF: debug: Fix potential buffer overflow by snprintf()

snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow (although it's unrealistic).

This patch replaces with a safer version, scnprintf() for papering over such a potential issue.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5b10b62989219aa527ee4fa555d1995a3b70981b < b318b9dd2ac67f39d0338ce563879d1f59a0347aaffected
LinuxLinux5b10b62989219aa527ee4fa555d1995a3b70981b < a67971a17604ae7de278fb09243432459afc51e1affected
LinuxLinux5b10b62989219aa527ee4fa555d1995a3b70981b < 1eb123ce985e6cf302ac6e3f19862d132d86fa8faffected
LinuxLinux5.11affected
LinuxLinux0 < 5.11unaffected
LinuxLinux5.15.63 <= 5.15.*unaffected
LinuxLinux5.19.4 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References