Login Sign Up

CVE-2022-50404

5.5 MEDIUM
Denial of Service

📋 TL;DR

This is a memory leak vulnerability in the Linux kernel's framebuffer console (fbcon) subsystem. When fbcon_do_set_font() fails during font setting operations, it doesn't properly release allocated memory buffers. This affects Linux systems with framebuffer console enabled.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Specific affected versions not explicitly stated in CVE, but references indicate fixes in stable kernel trees
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires framebuffer console (fbcon) to be enabled and used. Most modern systems use other console drivers by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel crashes.

🟠

Likely Case

Memory leak gradually consumes kernel memory over time, potentially leading to system performance degradation or instability requiring reboot.

🟢

If Mitigated

With proper monitoring and memory limits, impact is limited to potential performance issues rather than complete system failure.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger font operations through other means
🏢 Internal Only: MEDIUM - Local users or processes could trigger the vulnerability, potentially affecting system stability

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to trigger font setting operations in fbcon. Discovered through syzbot fuzzing, not known to be actively exploited.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available in stable kernel trees (see references)

Vendor Advisory: https://git.kernel.org/stable/c/06926607b9fddf7ce8017493899ce6eb7e79a123

Restart Required: Yes

Instructions:

1. Update to patched kernel version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable framebuffer console

linux

Switch to alternative console driver if fbcon is not required

Edit /etc/default/grub and add 'console=tty0' or 'console=ttyS0'
Run 'update-grub'
Reboot

🧯 If You Can't Patch

  • Monitor kernel memory usage for unusual increases
  • Restrict user access to console font modification operations

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if fbcon is active: 'cat /proc/version' and 'lsmod | grep fbcon'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to patched version and monitor for memory leaks

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • Memory allocation failures in kernel logs
  • System instability after console operations

Network Indicators:

  • None - local vulnerability only

SIEM Query:

kernel: "fbcon" AND ("memory leak" OR "allocation failed" OR "kernel panic")

📊 Metadata

CVE ID: CVE-2022-50404
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-401
EPSS Score: 0.01% exploit probability (1.3th percentile)
Published: September 18, 2025
Last Updated: February 6, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-50404, you might also want to check these:

CVE-2021-40633 8.8

CVE-2021-40633 is a memory leak vulnerability in gif2rgb, a utility in giflib 5.1.4, allowing remote...

Same vulnerability type (CWE-401)
CVE-2021-3492 8.8

CVE-2021-3492 is a kernel vulnerability in Ubuntu's Shiftfs filesystem where improper error handling...

Same vulnerability type (CWE-401)
CVE-2024-25450 8.8

CVE-2024-25450 is a memory allocation vulnerability in imlib2 v1.9.1's init_imlib_fonts() function t...

Same vulnerability type (CWE-401)