7.1

CVE-2022-49250

EPSS 0.14%
Veröffentlicht 26.02.2025 07:01:01
Zuletzt bearbeitet 22.09.2025 20:54:52
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

ASoC: codecs: rx-macro: fix accessing compander for aux

In the Linux kernel, the following vulnerability has been resolved:

ASoC: codecs: rx-macro: fix accessing compander for aux

AUX interpolator does not have compander, so check before accessing
compander data for this.

Without this checkan array of out bounds access will be made in
comp_enabled[] array.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

NVD 3 VulnDex Vulnerability Enrichment 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 5.12 < 5.15.33

Linux ≫ Linux Kernel Version >= 5.16 < 5.16.19

Linux ≫ Linux Kernel Version >= 5.17 < 5.17.2

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.14%	0.338

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.1	1.8	5.2	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

https://git.kernel.org/stable/c/42c709c4e1ce4c136891530646c9abd5dff3524f

Patch

https://git.kernel.org/stable/c/6aa8ef9535dbd561293406608ebe791627b10196

Patch

https://git.kernel.org/stable/c/87a2b44cb3005d30c3a72234d1e47b03ae3bb29a

Patch

https://git.kernel.org/stable/c/9208ecc703b5ed5b12d7ea13c79207f4c8456638

Patch

https://nvd.nist.gov/vuln/detail/CVE-2022-49250

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-49250

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-49250

EUVD