5.5

CVE-2023-52692

ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config()

In the Linux kernel, the following vulnerability has been resolved:

ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config()

scarlett2_usb_set_config() calls scarlett2_usb_get() but was not
checking the result. Return the error if it fails rather than
continuing with an invalid value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.14 < 5.15.148
LinuxLinux Kernel Version >= 5.16 < 6.1.75
LinuxLinux Kernel Version >= 6.2 < 6.6.14
LinuxLinux Kernel Version >= 6.7 < 6.7.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.138
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-252 Unchecked Return Value

The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

https://git.kernel.org/stable/c/145c5aa51486171025ab47f35cff34bff8d0cea3
Patch
https://git.kernel.org/stable/c/51d5697e1c0380d482c3eab002bfc8d0be177e99
Patch
https://git.kernel.org/stable/c/996fde492ad9b9563ee483b363af40d7696a8467
Patch
https://git.kernel.org/stable/c/be96acd3eaa790d10a5b33e65267f52d02f6ad88
Patch
https://git.kernel.org/stable/c/ca459dfa7d4ed9098fcf13e410963be6ae9b6bf3
Patch