CVE-2022-50299

{"id": "CVE-2022-50299", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-09-15T15:15:41.353", "references": [{"url": "https://git.kernel.org/stable/c/1727fd5015d8f93474148f94e34cda5aa6ad4a43", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/3b0a2bd51f60418ecd67493586a2bb2174199de3", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/41ca95033a0c47cd6dace1f0a36a6eb5ebe799e6", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/5d8259c9d1915a50c60c7d6e9e7fb9b7da64a175", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/76694e9ce0b2238c0a5f3ba54f9361dd3770ec78", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/897b1450abe5a67c842a5d24173ce4449ccdfa94", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/97238b88583c27c9d3b4a0cedb45f816523f17c3", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f95825c4e51cf9a653b0ef947ac78401fc9d3a40", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: Replace snprintf with scnprintf\n\nCurrent code produces a warning as shown below when total characters\nin the constituent block device names plus the slashes exceeds 200.\nsnprintf() returns the number of characters generated from the given\ninput, which could cause the expression \u201c200 \u2013 len\u201d to wrap around\nto a large positive number. Fix this by using scnprintf() instead,\nwhich returns the actual number of characters written into the buffer.\n\n[ 1513.267938] ------------[ cut here ]------------\n[ 1513.267943] WARNING: CPU: 15 PID: 37247 at <snip>/lib/vsprintf.c:2509 vsnprintf+0x2c8/0x510\n[ 1513.267944] Modules linked in: <snip>\n[ 1513.267969] CPU: 15 PID: 37247 Comm: mdadm Not tainted 5.4.0-1085-azure #90~18.04.1-Ubuntu\n[ 1513.267969] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 05/09/2022\n[ 1513.267971] RIP: 0010:vsnprintf+0x2c8/0x510\n<-snip->\n[ 1513.267982] Call Trace:\n[ 1513.267986] snprintf+0x45/0x70\n[ 1513.267990] ? disk_name+0x71/0xa0\n[ 1513.267993] dump_zones+0x114/0x240 [raid0]\n[ 1513.267996] ? _cond_resched+0x19/0x40\n[ 1513.267998] raid0_run+0x19e/0x270 [raid0]\n[ 1513.268000] md_run+0x5e0/0xc50\n[ 1513.268003] ? security_capable+0x3f/0x60\n[ 1513.268005] do_md_run+0x19/0x110\n[ 1513.268006] md_ioctl+0x195e/0x1f90\n[ 1513.268007] blkdev_ioctl+0x91f/0x9f0\n[ 1513.268010] block_ioctl+0x3d/0x50\n[ 1513.268012] do_vfs_ioctl+0xa9/0x640\n[ 1513.268014] ? __fput+0x162/0x260\n[ 1513.268016] ksys_ioctl+0x75/0x80\n[ 1513.268017] __x64_sys_ioctl+0x1a/0x20\n[ 1513.268019] do_syscall_64+0x5e/0x200\n[ 1513.268021] entry_SYSCALL_64_after_hwframe+0x44/0xa9"}], "lastModified": "2025-12-04T15:33:30.630", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1927ABC6-E0D2-478F-B103-B982A42D1158", "versionEndExcluding": "4.14.296", "versionStartIncluding": "4.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6B62970-1FAD-4ED6-930A-23E26A8D2E08", "versionEndExcluding": "4.19.262", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "125F7133-B3B7-4175-8CF3-FF0845483254", "versionEndExcluding": "5.4.220", "versionStartIncluding": "4.20"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C495821C-2A71-4F09-BED8-6A6EB4C9BA27", "versionEndExcluding": "5.10.150", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D945F46-F32F-4C09-8400-C3477E22A9FB", "versionEndExcluding": "5.15.75", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19B4C3A4-E5C3-41DC-BB14-BE72858E7D35", "versionEndExcluding": "5.19.17", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BCD8201-B847-4442-B894-70D430128DEF", "versionEndExcluding": "6.0.3", "versionStartIncluding": "6.0"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}