CVE-2022-48951
HIGHLinux Kernel Out-of-bounds Write in snd_soc_put_volsw_sx()
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values to the second channel in stereo controls. Add appropriate checks.
References (8)
Core 8
Core References
Scores
CVSS v3
7.8
EPSS
0.0024
EPSS Percentile
15.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-787
Status
published
Products (35)
linux/Kernel
< 4.9.337linux
linux/Kernel
4.10.0 - 4.14.303linux
linux/Kernel
4.15.0 - 4.19.270linux
linux/Kernel
4.20.0 - 5.4.228linux
linux/Kernel
5.11.0 - 5.15.84linux
linux/Kernel
5.16.0 - 6.0.14linux
linux/Kernel
5.5.0 - 5.10.160linux
Linux/Linux
< 5.17
Linux/Linux
038f8b7caa74d29e020949a43ca368c93f6b29b9 - 50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98
Linux/Linux
4.14.265 - 4.14.303
... and 25 more
Published
Oct 21, 2024
Tracked Since
Feb 18, 2026