CVE-2022-48951
ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
21 Oct 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In the Linux kernel, the following vulnerability has been resolved:
ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
The bounds checks in snd_soc_put_volsw_sx() are only being applied to the
first channel, meaning it is possible to write out of bounds values to the
second channel in stereo controls. Add appropriate checks.
Affected products
Linux · LinuxReferences
https://git.kernel.org/stable/c/1798b62d642e7b3d4ea3403914c3caf4e438465dhttps://git.kernel.org/stable/c/18a168d85eadcfd45f015b5ecd2a97801b959e43https://git.kernel.org/stable/c/50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98https://git.kernel.org/stable/c/56288987843c3cb343e81e5fa51549cbaf541bd0https://git.kernel.org/stable/c/9796d07c753164b7e6b0d7ef23fb4482840a9ef8https://git.kernel.org/stable/c/97eea946b93961fffd29448dcda7398d0d51c4b2https://git.kernel.org/stable/c/cf1c225f1927891ae388562b78ced7840c3723b9https://git.kernel.org/stable/c/cf611d786796ec33da09d8c83d7d7f4e557b27de