7.8

CVE-2022-48951

ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()

In the Linux kernel, the following vulnerability has been resolved:

ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()

The bounds checks in snd_soc_put_volsw_sx() are only being applied to the
first channel, meaning it is possible to write out of bounds values to the
second channel in stereo controls. Add appropriate checks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.9.337
LinuxLinux Kernel Version >= 4.10 < 4.14.303
LinuxLinux Kernel Version >= 4.15 < 4.19.270
LinuxLinux Kernel Version >= 4.20 < 5.4.228
LinuxLinux Kernel Version >= 5.5 < 5.10.160
LinuxLinux Kernel Version >= 5.11 < 5.15.84
LinuxLinux Kernel Version >= 5.16 < 6.0.14
LinuxLinux Kernel Version6.1 Updaterc1
LinuxLinux Kernel Version6.1 Updaterc2
LinuxLinux Kernel Version6.1 Updaterc3
LinuxLinux Kernel Version6.1 Updaterc4
LinuxLinux Kernel Version6.1 Updaterc5
LinuxLinux Kernel Version6.1 Updaterc6
LinuxLinux Kernel Version6.1 Updaterc7
LinuxLinux Kernel Version6.1 Updaterc8
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.154
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/1798b62d642e7b3d4ea3403914c3caf4e438465d
Patch
https://git.kernel.org/stable/c/18a168d85eadcfd45f015b5ecd2a97801b959e43
Patch
https://git.kernel.org/stable/c/50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98
Patch
https://git.kernel.org/stable/c/56288987843c3cb343e81e5fa51549cbaf541bd0
Patch
https://git.kernel.org/stable/c/9796d07c753164b7e6b0d7ef23fb4482840a9ef8
Patch
https://git.kernel.org/stable/c/97eea946b93961fffd29448dcda7398d0d51c4b2
Patch
https://git.kernel.org/stable/c/cf1c225f1927891ae388562b78ced7840c3723b9
Patch
https://git.kernel.org/stable/c/cf611d786796ec33da09d8c83d7d7f4e557b27de
Patch