CVE-2022-50052

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: Intel: avs: Fix potential buffer overflow by snprintf()

snprintf() returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in a buffer overflow (although it's unrealistic).

This patch replaces it with a safer version, scnprintf() for papering over such a potential issue.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf1b3b320bd6519b16e3480f74f2926d106e3bcba < 840311a09f75632b9d41fbc1cd5c7aea94ce5f7eaffected
LinuxLinuxf1b3b320bd6519b16e3480f74f2926d106e3bcba < ca3b7b9dc9bc1fa552f4697b7cccfa0258a44d00affected
LinuxLinux5.19affected
LinuxLinux0 < 5.19unaffected
LinuxLinux5.19.4 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

References