CVE-2022-49250

HIGH

Linux Kernel 5.12-5.15.33, 5.16-5.16.19, 5.17-5.17.2 - Out-of-bounds Read in ASoC RX-Macro AUX Interpolator

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing compander for aux AUX interpolator does not have compander, so check before accessing compander data for this. Without this checkan array of out bounds access will be made in comp_enabled[] array.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/9208ecc703b5ed5b12d7ea13c79207f4c8456638

Patch

https://git.kernel.org/stable/c/87a2b44cb3005d30c3a72234d1e47b03ae3bb29a

Patch

https://git.kernel.org/stable/c/6aa8ef9535dbd561293406608ebe791627b10196

Patch

https://git.kernel.org/stable/c/42c709c4e1ce4c136891530646c9abd5dff3524f

Scores

CVSS v3 7.1

EPSS 0.0025

EPSS Percentile 15.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE

CWE-125

Status published

Products (14)

linux/Kernel 5.12.0 - 5.15.33linux

linux/Kernel 5.16.0 - 5.16.19linux

linux/Kernel 5.17.0 - 5.17.2linux

Linux/Linux < 5.12

Linux/Linux 4f692926f562ff48abfcca6b16f36ff8d57473b6 - 42c709c4e1ce4c136891530646c9abd5dff3524f

Linux/Linux 4f692926f562ff48abfcca6b16f36ff8d57473b6 - 6aa8ef9535dbd561293406608ebe791627b10196

Linux/Linux 4f692926f562ff48abfcca6b16f36ff8d57473b6 - 87a2b44cb3005d30c3a72234d1e47b03ae3bb29a

Linux/Linux 4f692926f562ff48abfcca6b16f36ff8d57473b6 - 9208ecc703b5ed5b12d7ea13c79207f4c8456638

Linux/Linux 5.12

Linux/Linux 5.15.33 - 5.15.*

... and 4 more

Published Feb 26, 2025

Tracked Since Feb 18, 2026