{"uuid": "37be3fa9-8cf7-4c96-8217-0cb01387f784", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-50222", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18728", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-50222\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ntty: vt: initialize unicode screen buffer\n\nsyzbot reports kernel infoleak at vcs_read() [1], for buffer can be read\nimmediately after resize operation. Initialize buffer using kzalloc().\n\n  ----------\n  #include \n  #include \n  #include \n  #include \n\n  int main(int argc, char *argv[])\n  {\n    struct fb_var_screeninfo var = { };\n    const int fb_fd = open(\"/dev/fb0\", 3);\n    ioctl(fb_fd, FBIOGET_VSCREENINFO, &var);\n    var.yres = 0x21;\n    ioctl(fb_fd, FBIOPUT_VSCREENINFO, &var);\n    return read(open(\"/dev/vcsu\", O_RDONLY), &var, sizeof(var)) == -1;\n  }\n  ----------\n\ud83d\udccf Published: 2025-06-18T11:03:56.744Z\n\ud83d\udccf Modified: 2025-06-18T11:03:56.744Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/e02fa87e572bb7d90dcdbce9c0f519f1eb992e96\n2. https://git.kernel.org/stable/c/cc9e874dace0c89ae535230c7da19b764746811e\n3. https://git.kernel.org/stable/c/5c6c65681f39bf71bc72ed589dec3b8b20e75cac\n4. https://git.kernel.org/stable/c/446f123aa6021e5f75a20789f05ff3f7ae51a42f\n5. https://git.kernel.org/stable/c/777a462e1ae50a01fc4a871efa8e34d596a1e17d\n6. https://git.kernel.org/stable/c/e0ef23e9b0ad18b9fd3741b0f1ad2282e4a18def\n7. https://git.kernel.org/stable/c/af77c56aa35325daa2bc2bed5c2ebf169be61b86", "creation_timestamp": "2025-06-18T11:38:32.000000Z"}