CVE-2022-49616

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: rt7*-sdw: harden jack_detect_handler

Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection.

The rt700, rt711 and rt711-sdca are however missing a check on the card pointer, which can lead to NULL dereferences encountered in driver bind/unbind tests.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux320b8b0d13b81f3697acff5b6ddb47f88a09c118 < 07a606e1389a63b61cb8cd591026f30529117573affected
LinuxLinux320b8b0d13b81f3697acff5b6ddb47f88a09c118 < 1d75b73ec6d6b705cca528b36d8315e43e8d7fa5affected
LinuxLinux320b8b0d13b81f3697acff5b6ddb47f88a09c118 < 0484271ab0ce50649329fa9dc23c50853c5b26a4affected
LinuxLinux5.6affected
LinuxLinux0 < 5.6unaffected
LinuxLinux5.15.56 <= 5.15.*unaffected
LinuxLinux5.18.13 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

References