Security readout for executives and security teams
Plain-English summary
CVE-2022-50828 is a Linux kernel bug in the ZynqMP clock driver. On affected Xilinx-related platforms, a clock name longer than expected can cause a stack out-of-bounds read during driver probing. The public record does not show active exploitation or a CVSS score.
Executive priority
Prioritize for embedded, FPGA, or Xilinx-platform products where kernel stability matters. For standard enterprise servers, urgency is likely low unless they run this specific driver stack.
Technical view
The Linux zynqmp clock path copies a clock name from a 16-byte Linux-ATF SMC payload. If the name exceeds 15 bytes, Linux may not receive a null terminator, causing strncpy to read past the stack buffer. The fix explicitly null-terminates the final byte.
Likely exposure
Exposure appears limited to Linux systems using the ZynqMP firmware/clock driver path, such as Xilinx ZynqMP or Versal environments. General Linux servers are unlikely to be exposed unless this platform-specific driver is relevant.
Exploitation context
The cited report shows KASAN detecting the issue during kernel driver initialization on a Xilinx Versal VCK190 evaluation board. No cited source indicates public exploitation, KEV listing, or a remote attack path.
Researcher notes
Severity is not scored in the supplied data. The root condition is missing null termination across a 16-byte SMC payload boundary. Impact evidence is limited to a KASAN stack out-of-bounds read during probe, not demonstrated code execution.
Mitigation direction
Update to a Linux kernel or vendor kernel containing the referenced stable fixes.
For embedded products, request the corrected kernel patch level from the board or BSP vendor.
If patch timing is unclear, follow Linux and platform vendor guidance.
Validation and detection
Inventory Linux devices using Xilinx ZynqMP, Versal, or related BSP kernels.
Confirm whether the running kernel includes one of the referenced stable commits.
Review boot or test logs for KASAN reports in zynqmp_clock_probe or strncpy.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cve · low confidence lookup
CVE-2022-50828 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
0CVSS vectors
3Timeline events
0ADP providers
7Source links
Vulnerability timeline
Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.
CVE reservedCVE Program
The CVE ID was reserved by the assigning CNA.
CVE publishedCVE Program
The CVE record was published.
Dec 30, 2025, 12:10 UTC (UTC+00:00)
CVE updatedCVE Program
The CVE record metadata indicates this as the latest update time.