Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-48701

Опубликовано: 03 мая 2024
Источник: redhat
CVSS3: 4.9

Описание

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsing the interface descriptor for this device. Fix this by checking the number of interfaces.

A flaw was found in the Linux kernel ALSA USB audio driver. This vulnerability allows a denial of service via a crafted USB audio device.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelAffected
Red Hat Enterprise Linux 7kernel-rtAffected
Red Hat Enterprise Linux 8kernel-rtAffected
Red Hat Enterprise Linux 9kernel-rtAffected
Red Hat Enterprise Linux 8kernelFixedRHSA-2023:295116.05.2023
Red Hat Enterprise Linux 9kernelFixedRHSA-2023:245809.05.2023
Red Hat Enterprise Linux 9kernelFixedRHSA-2023:245809.05.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=2278950kernel: ALSA: usb-audio: ALSA USB Audio Out-of-Bounds Bug

4.9 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-48701

CVSS3: 7.1
ubuntu
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsing the interface descriptor for this device. Fix this by checking the number of interfaces.

nvd логотип

CVE-2022-48701

CVSS3: 7.1
nvd
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsing the interface descriptor for this device. Fix this by checking the number of interfaces.

debian логотип

CVE-2022-48701

CVSS3: 7.1
debian
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: A ...

github логотип

GHSA-2vqw-chr2-h9wp

CVSS3: 7.1
github
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsing the interface descriptor for this device. Fix this by checking the number of interfaces.

fstec логотип

BDU:2024-09762

CVSS3: 5.5
fstec
почти 3 года назад

Уязвимость компонента usb-audio ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

4.9 Medium

CVSS3