7.1

CVE-2022-49250

ASoC: codecs: rx-macro: fix accessing compander for aux

In the Linux kernel, the following vulnerability has been resolved:

ASoC: codecs: rx-macro: fix accessing compander for aux

AUX interpolator does not have compander, so check before accessing
compander data for this.

Without this checkan array of out bounds access will be made in
comp_enabled[] array.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.12 < 5.15.33
LinuxLinux Kernel Version >= 5.16 < 5.16.19
LinuxLinux Kernel Version >= 5.17 < 5.17.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.164
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/42c709c4e1ce4c136891530646c9abd5dff3524f
Patch
https://git.kernel.org/stable/c/6aa8ef9535dbd561293406608ebe791627b10196
Patch
https://git.kernel.org/stable/c/87a2b44cb3005d30c3a72234d1e47b03ae3bb29a
Patch
https://git.kernel.org/stable/c/9208ecc703b5ed5b12d7ea13c79207f4c8456638
Patch