PT-2025-8090 · Linux+2 · Linux Kernel+2

Zheyu Ma

Published

2022-03-03

Updated

2025-04-15

CVE-2022-49162

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A crash issue has been identified in the Linux kernel, specifically in the sm712fb driver when writing to the framebuffer. The driver crashes when attempting to write three bytes, resulting in a page fault error. The issue is related to the smtcfb write() function and can be triggered through the vfs write() and ksys write() functions. The error is characterized by a BUG message indicating an inability to handle a page fault for a specific address, followed by a call trace.

Recommendations To resolve this issue, the fix involves removing the open-coded endianness fixup code from the smtcfb write() function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2026-01534

CVE-2022-49162

OPENSUSE-SU-2025_1263-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-8090 · Linux+2 · Linux Kernel+2

CVE-2022-49162

Weakness Enumeration

Related Identifiers

Affected Products

References · 1356