CVE-2022-50255

🗓️ 15 Sep 2025 14:02:37Reported by LinuxType

cve🔗 web.nvd.nist.gov👁 25 Views🌐 WEB

Fixes crash when reading strings from synthetic tracing events in Linux kernel with safe user-space string handling.

Reporter	Title	Published	Views	Family All 73
AstraLinux	Astra Linux – Vulnerability in Linux 5.15	19 Jun 202611:10	–	astralinux
CNNVD	Linux kernel 安全漏洞	15 Sep 202500:00	–	cnnvd
Cvelist	CVE-2022-50255 tracing: Fix reading strings from synthetic events	15 Sep 202514:02	–	cvelist
Debian CVE	CVE-2022-50255	15 Sep 202514:02	–	debiancve
Tenable Nessus	EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-2501)	11 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-2522)	11 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2025-2609)	31 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2025-2623)	31 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1071)	15 Jan 202600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1091)	15 Jan 202600:00	–	nessus

NVD

Vulners

CNA

Node

linux linux_kernelRange5.10–5.15.75

linux linux_kernelRange5.16–5.19.17

linux linux_kernelRange6.0–6.0.3

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "kernel/trace/trace_events_synth.c"
    ],
    "versions": [
      {
        "version": "bd82631d7ccdc894af2738e47abcba2cb6e7dea9",
        "lessThan": "d9c79fbcbdb6cb10c07c85040eaf615180b26c48",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bd82631d7ccdc894af2738e47abcba2cb6e7dea9",
        "lessThan": "149198d0b884e4606ed1d29b330c70016d878276",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bd82631d7ccdc894af2738e47abcba2cb6e7dea9",
        "lessThan": "f8bae1853196b52ede50950387f5b48cf83b9815",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bd82631d7ccdc894af2738e47abcba2cb6e7dea9",
        "lessThan": "0934ae9977c27133449b6dd8c6213970e7eece38",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "kernel/trace/trace_events_synth.c"
    ],
    "versions": [
      {
        "version": "5.10",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.10",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.75",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.19.17",
        "lessThanOrEqual": "5.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.0.3",
        "lessThanOrEqual": "6.0.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/f8bae1853196b52ede50950387f5b48cf83b9815
git	www.git.kernel.org/stable/c/149198d0b884e4606ed1d29b330c70016d878276
git	www.git.kernel.org/stable/c/0934ae9977c27133449b6dd8c6213970e7eece38
git	www.git.kernel.org/stable/c/d9c79fbcbdb6cb10c07c85040eaf615180b26c48

Parameter	Position	Path	Description	CWE
filename	path	events/syscalls/sys_enter_openat/trigger	Kernel synthetic event reading strings without proper memory checks in open event trigger path	CWE-125
$file	path	events/syscalls/sys_enter_openat/trigger	Kernel synthetic event reading strings without proper memory checks in open event trigger path	CWE-125
s:open char file[]	path	sys/kernel/tracing/dynamic_events	Dynamic synthetic event configuration using unsafe string field in open event	CWE-125

17 Jun 2026 05:23Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.17.1

EPSS0.00149

CWE-125