CVE-2022-49250

HIGH

Linux kernel - Info Disclosure

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing compander for aux AUX interpolator does not have compander, so check before accessing compander data for this. Without this checkan array of out bounds access will be made in comp_enabled[] array.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/42c709c4e1ce4c136891530646c9abd5dff3524f

Patch

https://git.kernel.org/stable/c/6aa8ef9535dbd561293406608ebe791627b10196

Patch

https://git.kernel.org/stable/c/87a2b44cb3005d30c3a72234d1e47b03ae3bb29a

Patch

https://git.kernel.org/stable/c/9208ecc703b5ed5b12d7ea13c79207f4c8456638

Scores

CVSS v3 7.1

EPSS 0.0014

EPSS Percentile 33.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE

CWE-125

Status published

Products (4)

linux/Kernel 5.12.0 - 5.15.33linux

linux/Kernel 5.16.0 - 5.16.19linux

linux/Kernel 5.17.0 - 5.17.2linux

linux/linux_kernel 5.12 - 5.15.33

Published Feb 26, 2025

Tracked Since Feb 18, 2026