CVE-2022-49616

MEDIUM

Linux Kernel 5.6-5.15.56, 5.16-5.18.13 - NULL Pointer Dereference in Realtek Headset Codec Jack Detection

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7*-sdw: harden jack_detect_handler Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection. The rt700, rt711 and rt711-sdca are however missing a check on the card pointer, which can lead to NULL dereferences encountered in driver bind/unbind tests.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/07a606e1389a63b61cb8cd591026f30529117573

Patch

https://git.kernel.org/stable/c/1d75b73ec6d6b705cca528b36d8315e43e8d7fa5

Patch

https://git.kernel.org/stable/c/0484271ab0ce50649329fa9dc23c50853c5b26a4

Scores

CVSS v3 5.5

EPSS 0.0024

EPSS Percentile 14.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (12)

linux/Kernel 5.16.0 - 5.18.13linux

linux/Kernel 5.6.0 - 5.15.56linux

Linux/Linux < 5.6

Linux/Linux 320b8b0d13b81f3697acff5b6ddb47f88a09c118 - 0484271ab0ce50649329fa9dc23c50853c5b26a4

Linux/Linux 320b8b0d13b81f3697acff5b6ddb47f88a09c118 - 07a606e1389a63b61cb8cd591026f30529117573

Linux/Linux 320b8b0d13b81f3697acff5b6ddb47f88a09c118 - 1d75b73ec6d6b705cca528b36d8315e43e8d7fa5

Linux/Linux 5.15.56 - 5.15.*

Linux/Linux 5.18.13 - 5.18.*

Linux/Linux 5.19

Linux/Linux 5.6

... and 2 more

Published Feb 26, 2025

Tracked Since Feb 18, 2026