CVE-2022-50101

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A bug in the Linux kernel has been identified, specifically in the vt8623fb driver. The issue arises when the screen size value, calculated from user input in the vt8623fb set par() function, exceeds the actual info->screen size. This can lead to a page fault error, as indicated by the kernel mode supervisor write access error. The error occurs because the memset io() function attempts to access a non-present page. The bug is triggered through the fb set var(), do fb ioctl(), and fb ioctl() functions, ultimately causing a page fault.

Recommendations To resolve this issue, check the value of screen size before calling memset io() to prevent accessing memory beyond the valid range. At the moment, there is no information about a newer version that contains a fix for this vulnerability.