CVE-2022-50222 – Linux Kernel TTY Unicode Screen Buffer Info Leak

June 18, 2025

CVE ID : CVE-2022-50222

Published : June 18, 2025, 11:15 a.m. | 3 hours, 16 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

tty: vt: initialize unicode screen buffer

syzbot reports kernel infoleak at vcs_read() [1], for buffer can be read
immediately after resize operation. Initialize buffer using kzalloc().

———-
#include
#include
#include
#include

int main(int argc, char *argv[])
{
struct fb_var_screeninfo var = { };
const int fb_fd = open(“/dev/fb0”, 3);
ioctl(fb_fd, FBIOGET_VSCREENINFO, &var);
var.yres = 0x21;
ioctl(fb_fd, FBIOPUT_VSCREENINFO, &var);
return read(open(“/dev/vcsu”, O_RDONLY), &var, sizeof(var)) == -1;
}
———-

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2022-50223 – LoongArch Linux Kernel CPUInfo Information Disclosure Vulnerability

Next Article CVE-2022-50225 – RISC-V Linux Kernel Uprobe SR SPIE Handling Vulnerability

Highlights

CVE-2025-4244 – Code-Projects Online Bus Reservation System SQL Injection

May 3, 2025

CVE ID : CVE-2025-4244

Published : May 3, 2025, 8:15 p.m. | 1 hour, 16 minutes ago

Description : A vulnerability, which was classified as critical, was found in code-projects Online Bus Reservation System 1.0. This affects an unknown part of the file /seatlocation.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

CodeSOD: Using the Old Bean

IBM launches new integration to help unify AI security and governance

How to free up your Mac’s storage space – 3 easy ways

I finally found a mini PC with a striking design (and the power to back it up)

The best password generators of 2025: Expert tested

Facebook’s new passkey support could soon let you ditch your password forever

eslint-plugin-mutate

eslint-plugin-mutate

Event-Driven Microservice Backend For a Modern E-commerce Platform.

Search Params Are State – How TanStack Router Solves It

You Can Now Auto-Generate Google Forms Using Gemini Using Prompts or Files – Here’s How

You Can Now Auto-Generate Google Forms Using Gemini Using Prompts or Files – Here’s How

Google Helps Devs Build Safe Android Apps with THIS Play Policy – Find Out More Here

Microsoft Edge for Business Now Lets Admins Push Encrypted Passwords to Users Securely

CVE-2022-50222 – Linux Kernel TTY Unicode Screen Buffer Info Leak

Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps

Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild

CVE-2025-49586 – XWiki Remote Code Execution Vulnerability

CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk

Benchmarking the next generation of never-ending learners

Microsoft confirms Windows 10 0x80070643 after KB5057589, as WinRE strikes again

CVE-2025-4244 – Code-Projects Online Bus Reservation System SQL Injection

CVE-2025-49158 – Trend Micro Apex One Escalation of Privilege Vulnerability

Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks

How to Build RAG AI Agents with TypeScript

CVE-2022-50222 – Linux Kernel TTY Unicode Screen Buffer Info Leak

Related Posts