CVE-2022-50255

🗓️ 15 Sep 2025 14:02:37Reported by LinuxType

cve🔗 web.nvd.nist.gov👁 12 Views🌐 WEB

Fixes crash when reading strings from synthetic tracing events in Linux kernel with safe user-space string handling.

Reporter	Title	Published	Views	Family All 73
AstraLinux	Astra Linux - уязвимость в linux-5.15	3 May 202623:59	–	astralinux
CNNVD	Linux kernel 安全漏洞	15 Sep 202500:00	–	cnnvd
Cvelist	CVE-2022-50255 tracing: Fix reading strings from synthetic events	15 Sep 202514:02	–	cvelist
Debian CVE	CVE-2022-50255	15 Sep 202514:02	–	debiancve
Tenable Nessus	EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-2501)	11 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-2522)	11 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2025-2609)	31 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2025-2623)	31 Dec 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1071)	15 Jan 202600:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1091)	15 Jan 202600:00	–	nessus

NVD

Vulners

CNA

Node

linux linux_kernelRange5.10–5.15.75

linux linux_kernelRange5.16–5.19.17

linux linux_kernelRange6.0–6.0.3

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "kernel/trace/trace_events_synth.c"
    ],
    "versions": [
      {
        "version": "bd82631d7ccdc894af2738e47abcba2cb6e7dea9",
        "lessThan": "d9c79fbcbdb6cb10c07c85040eaf615180b26c48",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bd82631d7ccdc894af2738e47abcba2cb6e7dea9",
        "lessThan": "149198d0b884e4606ed1d29b330c70016d878276",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bd82631d7ccdc894af2738e47abcba2cb6e7dea9",
        "lessThan": "f8bae1853196b52ede50950387f5b48cf83b9815",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bd82631d7ccdc894af2738e47abcba2cb6e7dea9",
        "lessThan": "0934ae9977c27133449b6dd8c6213970e7eece38",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "kernel/trace/trace_events_synth.c"
    ],
    "versions": [
      {
        "version": "5.10",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.10",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.75",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.19.17",
        "lessThanOrEqual": "5.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.0.3",
        "lessThanOrEqual": "6.0.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/f8bae1853196b52ede50950387f5b48cf83b9815
git	www.git.kernel.org/stable/c/149198d0b884e4606ed1d29b330c70016d878276
git	www.git.kernel.org/stable/c/0934ae9977c27133449b6dd8c6213970e7eece38
git	www.git.kernel.org/stable/c/d9c79fbcbdb6cb10c07c85040eaf615180b26c48

Parameter	Position	Path	Description	CWE
s:open char file[]	request body	sys/kernel/tracing/dynamic_events	Unsafe handling of user-supplied strings in synthetic tracing events can lead to kernel oops when memory checks are skipped (CWE-125).	CWE-125
hist:keys=common_pid:file=filename:onchange($file).trace(open,$file)	request body	sys/kernel/tracing/events/syscalls/sys_enter_openat/trigger	Attack vector via trigger expression for synthetic events reading user-provided file path; unsafe string handling can cause memory access issues (CWE-125).	CWE-125

11 May 2026 19:15Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.17.1

EPSS0.00022

CWE-125