7.1

CVE-2022-48738

ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()

In the Linux kernel, the following vulnerability has been resolved:

ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()

We don't currently validate that the values being set are within the range
we advertised to userspace as being valid, do so and reject any values
that are out of range.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.9.300
LinuxLinux Kernel Version >= 4.10 < 4.14.265
LinuxLinux Kernel Version >= 4.15 < 4.19.228
LinuxLinux Kernel Version >= 4.20 < 5.4.178
LinuxLinux Kernel Version >= 5.5 < 5.10.99
LinuxLinux Kernel Version >= 5.11 < 5.15.22
LinuxLinux Kernel Version >= 5.16 < 5.16.8
LinuxLinux Kernel Version5.17 Updaterc1
LinuxLinux Kernel Version5.17 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.14
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/40f598698129b5ceaf31012f9501b775c7b6e57d
Patch
https://git.kernel.org/stable/c/586ef863c94354a7e00e5ae5ef01443d1dc99bc7
Patch
https://git.kernel.org/stable/c/65a61b1f56f5386486757930069fbdce94af08bf
Patch
https://git.kernel.org/stable/c/68fd718724284788fc5f379e0b7cac541429ece7
Patch
https://git.kernel.org/stable/c/817f7c9335ec01e0f5e8caffc4f1dcd5e458a4c0
Patch
https://git.kernel.org/stable/c/9e8895f1b3d4433f6d78aa6578e9db61ca6e6830
Patch
https://git.kernel.org/stable/c/a9394f21fba027147bf275b083c77955864c366a
Patch
https://git.kernel.org/stable/c/bb72d2dda85564c66d909108ea6903937a41679d
Patch