vulnerability

Huawei EulerOS: CVE-2022-50222: kernel security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:N/C:C/I:N/A:C)	Sep 9, 2025	Oct 24, 2025	Oct 27, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:N/A:C)

Published

Sep 9, 2025

Added

Oct 24, 2025

Modified

Oct 27, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

tty: vt: initialize unicode screen buffer

syzbot reports kernel infoleak at vcs_read() [1], for buffer can be read
immediately after resize operation. Initialize buffer using kzalloc().

----------
#include <fcntl.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <linux/fb.h>

int main(int argc, char *argv[])
{
struct fb_var_screeninfo var = { };
const int fb_fd = open("/dev/fb0", 3);
ioctl(fb_fd, FBIOGET_VSCREENINFO, &var);
var.yres = 0x21;
ioctl(fb_fd, FBIOPUT_VSCREENINFO, &var);
return read(open("/dev/vcsu", O_RDONLY), &var, sizeof(var)) == -1;
}
----------

Solutions

huawei-euleros-2_0_sp13-upgrade-bpftoolhuawei-euleros-2_0_sp13-upgrade-kernelhuawei-euleros-2_0_sp13-upgrade-kernel-abi-stablelistshuawei-euleros-2_0_sp13-upgrade-kernel-toolshuawei-euleros-2_0_sp13-upgrade-kernel-tools-libshuawei-euleros-2_0_sp13-upgrade-python3-perf

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today