CVE-2022-48951
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values to the second channel in stereo controls. Add appropriate checks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 9e5c40b5706d8aae2cf70bd7e01f0b4575a642d0 < 56288987843c3cb343e81e5fa51549cbaf541bd0 | affected |
| Linux | Linux | 4977491e4b3aad8567f57e2a9992d251410c1db3 < cf1c225f1927891ae388562b78ced7840c3723b9 | affected |
| Linux | Linux | 9a12fcbf3c622f9bf6b110a873d62b0cba93972e < 18a168d85eadcfd45f015b5ecd2a97801b959e43 | affected |
| Linux | Linux | c33402b056de61104b6146dedbe138ca8d7ec62b < 9796d07c753164b7e6b0d7ef23fb4482840a9ef8 | affected |
| Linux | Linux | 038f8b7caa74d29e020949a43ca368c93f6b29b9 < 50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98 | affected |
| Linux | Linux | e8e07c5e25a29e2a6f119fd947f55d7a55eb8a13 < cf611d786796ec33da09d8c83d7d7f4e557b27de | affected |
| Linux | Linux | 4f1e50d6a9cf9c1b8c859d449b5031cacfa8404e < 1798b62d642e7b3d4ea3403914c3caf4e438465d | affected |
| Linux | Linux | 4f1e50d6a9cf9c1b8c859d449b5031cacfa8404e < 97eea946b93961fffd29448dcda7398d0d51c4b2 | affected |
| Linux | Linux | ef6cd9eeb38062a145802b7b56be7ae1090e165e | affected |
| Linux | Linux | 4.9.300 < 4.9.337 | affected |
| Linux | Linux | 4.14.265 < 4.14.303 | affected |
| Linux | Linux | 4.19.228 < 4.19.270 | affected |
| Linux | Linux | 5.4.178 < 5.4.228 | affected |
| Linux | Linux | 5.10.99 < 5.10.160 | affected |
| Linux | Linux | 5.15.22 < 5.15.84 | affected |
| Linux | Linux | 5.16.8 < 5.17 | affected |
| Linux | Linux | 5.17 | affected |
| Linux | Linux | 0 < 5.17 | unaffected |
| Linux | Linux | 4.9.337 <= 4.9.* | unaffected |
| Linux | Linux | 4.14.303 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.270 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.228 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.160 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.84 <= 5.15.* | unaffected |
| Linux | Linux | 6.0.14 <= 6.0.* | unaffected |
| Linux | Linux | 6.1 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/56288987843c3cb343e81e5fa51549cbaf541bd0
- https://git.kernel.org/stable/c/cf1c225f1927891ae388562b78ced7840c3723b9
- https://git.kernel.org/stable/c/18a168d85eadcfd45f015b5ecd2a97801b959e43
- https://git.kernel.org/stable/c/9796d07c753164b7e6b0d7ef23fb4482840a9ef8
- https://git.kernel.org/stable/c/50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98
- https://git.kernel.org/stable/c/cf611d786796ec33da09d8c83d7d7f4e557b27de
- https://git.kernel.org/stable/c/1798b62d642e7b3d4ea3403914c3caf4e438465d
- https://git.kernel.org/stable/c/97eea946b93961fffd29448dcda7398d0d51c4b2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.