exploitDog

CVE-2022-48951

Опубликовано: 21 окт. 2024

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()

The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values to the second channel in stereo controls. Add appropriate checks.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия до 4.9.337 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.10 (включая) до 4.14.303 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.15 (включая) до 4.19.270 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.20 (включая) до 5.4.228 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.5 (включая) до 5.10.160 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.11 (включая) до 5.15.84 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 6.0.14 (исключая)

cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*

EPSS

Процентиль: 7%

0.00029

Низкий

7.8 High

CVSS3

Дефекты

CWE-787

Связанные уязвимости

CVE-2022-48951

CVSS3: 7.8

ubuntu

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values to the second channel in stereo controls. Add appropriate checks.

CVE-2022-48951

CVSS3: 6.7

redhat

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values to the second channel in stereo controls. Add appropriate checks.

CVE-2022-48951

CVSS3: 7.8

debian

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: A ...

GHSA-vwjf-jh23-hhpx

CVSS3: 7.8

github

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values to the second channel in stereo controls. Add appropriate checks.

BDU:2025-01692

CVSS3: 7.8

fstec

больше 3 лет назад

Уязвимость компонента AsoC ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 7%

0.00029

Низкий

7.8 High

CVSS3

Дефекты

CWE-787