vulnerability
Ubuntu: (CVE-2022-50404): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Sep 18, 2025 | Sep 26, 2025 | Dec 12, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Sep 18, 2025
Added
Sep 26, 2025
Modified
Dec 12, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: release buffer when fbcon_do_set_font() failed syzbot is reporting memory leak at fbcon_do_set_font() [1], for commit a5a923038d70 ("fbdev: fbcon: Properly revert changes when vc_resize() failed") missed that the buffer might be newly allocated by fbcon_set_font().
Solutions
ubuntu-upgrade-linuxubuntu-upgrade-linux-awsubuntu-upgrade-linux-aws-5-15ubuntu-upgrade-linux-azureubuntu-upgrade-linux-azure-5-15ubuntu-upgrade-linux-bluefieldubuntu-upgrade-linux-gcpubuntu-upgrade-linux-gcp-5-15ubuntu-upgrade-linux-gkeubuntu-upgrade-linux-gkeopubuntu-upgrade-linux-hwe-5-15ubuntu-upgrade-linux-ibmubuntu-upgrade-linux-intel-iot-realtimeubuntu-upgrade-linux-intel-iotgubuntu-upgrade-linux-intel-iotg-5-15ubuntu-upgrade-linux-kvmubuntu-upgrade-linux-lowlatencyubuntu-upgrade-linux-lowlatency-hwe-5-15ubuntu-upgrade-linux-nvidiaubuntu-upgrade-linux-nvidia-tegra-5-15ubuntu-upgrade-linux-oracleubuntu-upgrade-linux-oracle-5-15ubuntu-upgrade-linux-raspiubuntu-upgrade-linux-realtimeubuntu-upgrade-linux-riscv-5-15
References
- CVE-2022-50404
- https://attackerkb.com/topics/CVE-2022-50404
- CWE-401
- URL-https://git.kernel.org/linus/3c3bfb8586f848317ceba5d777e11204ba3e5758
- URL-https://git.kernel.org/stable/c/06926607b9fddf7ce8017493899ce6eb7e79a123
- URL-https://git.kernel.org/stable/c/3c3bfb8586f848317ceba5d777e11204ba3e5758
- URL-https://git.kernel.org/stable/c/88ec6d11052da527eb9268831e7a9bc5bbad02f6
- URL-https://git.kernel.org/stable/c/a609bfc1e644a8467cb31945ed1488374ebdc013
- URL-https://www.cve.org/CVERecord?id=CVE-2022-50404
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.