CVE-2022-48951

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values to the second channel in stereo controls. Add appropriate checks.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1798b62d642e7b3d4ea3403914c3caf4e438465d	Patch
https://git.kernel.org/stable/c/18a168d85eadcfd45f015b5ecd2a97801b959e43	Patch
https://git.kernel.org/stable/c/50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98	Patch
https://git.kernel.org/stable/c/56288987843c3cb343e81e5fa51549cbaf541bd0	Patch
https://git.kernel.org/stable/c/9796d07c753164b7e6b0d7ef23fb4482840a9ef8	Patch
https://git.kernel.org/stable/c/97eea946b93961fffd29448dcda7398d0d51c4b2	Patch
https://git.kernel.org/stable/c/cf1c225f1927891ae388562b78ced7840c3723b9	Patch
https://git.kernel.org/stable/c/cf611d786796ec33da09d8c83d7d7f4e557b27de	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc7::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc8::::::

History

25 Oct 2024, 20:01

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/1798b62d642e7b3d4ea3403914c3caf4e438465d -~~	() https://git.kernel.org/stable/c/1798b62d642e7b3d4ea3403914c3caf4e438465d - Patch
References	~~() https://git.kernel.org/stable/c/18a168d85eadcfd45f015b5ecd2a97801b959e43 -~~	() https://git.kernel.org/stable/c/18a168d85eadcfd45f015b5ecd2a97801b959e43 - Patch
References	~~() https://git.kernel.org/stable/c/50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98 -~~	() https://git.kernel.org/stable/c/50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98 - Patch
References	~~() https://git.kernel.org/stable/c/56288987843c3cb343e81e5fa51549cbaf541bd0 -~~	() https://git.kernel.org/stable/c/56288987843c3cb343e81e5fa51549cbaf541bd0 - Patch
References	~~() https://git.kernel.org/stable/c/9796d07c753164b7e6b0d7ef23fb4482840a9ef8 -~~	() https://git.kernel.org/stable/c/9796d07c753164b7e6b0d7ef23fb4482840a9ef8 - Patch
References	~~() https://git.kernel.org/stable/c/97eea946b93961fffd29448dcda7398d0d51c4b2 -~~	() https://git.kernel.org/stable/c/97eea946b93961fffd29448dcda7398d0d51c4b2 - Patch
References	~~() https://git.kernel.org/stable/c/cf1c225f1927891ae388562b78ced7840c3723b9 -~~	() https://git.kernel.org/stable/c/cf1c225f1927891ae388562b78ced7840c3723b9 - Patch
References	~~() https://git.kernel.org/stable/c/cf611d786796ec33da09d8c83d7d7f4e557b27de -~~	() https://git.kernel.org/stable/c/cf611d786796ec33da09d8c83d7d7f4e557b27de - Patch
CPE		cpe:2.3:o:linux:linux_kernel:6.1:rc5:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.1:rc8:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc7:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc6::::::
CWE		CWE-787
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8

23 Oct 2024, 15:13

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: ops: Verificar límites para el segundo canal en snd_soc_put_volsw_sx() Las comprobaciones de los límites en snd_soc_put_volsw_sx() solo se aplican al primer canal, lo que significa que es posible escribir valores fuera de los límites en el segundo canal en controles estéreo. Agregue las comprobaciones adecuadas.

21 Oct 2024, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-21 20:15

Updated : 2024-10-25 20:01

NVD link : CVE-2022-48951

Mitre link : CVE-2022-48951

CVE.ORG link : CVE-2022-48951

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2022-48951", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-10-21T20:15:06.530", "references": [{"url": "https://git.kernel.org/stable/c/1798b62d642e7b3d4ea3403914c3caf4e438465d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/18a168d85eadcfd45f015b5ecd2a97801b959e43", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/56288987843c3cb343e81e5fa51549cbaf541bd0", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/9796d07c753164b7e6b0d7ef23fb4482840a9ef8", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/97eea946b93961fffd29448dcda7398d0d51c4b2", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/cf1c225f1927891ae388562b78ced7840c3723b9", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/cf611d786796ec33da09d8c83d7d7f4e557b27de", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()\n\nThe bounds checks in snd_soc_put_volsw_sx() are only being applied to the\nfirst channel, meaning it is possible to write out of bounds values to the\nsecond channel in stereo controls. Add appropriate checks."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: ops: Verificar l\u00edmites para el segundo canal en snd_soc_put_volsw_sx() Las comprobaciones de los l\u00edmites en snd_soc_put_volsw_sx() solo se aplican al primer canal, lo que significa que es posible escribir valores fuera de los l\u00edmites en el segundo canal en controles est\u00e9reo. Agregue las comprobaciones adecuadas."}], "lastModified": "2024-10-25T20:01:24.943", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FFBA9B5-26DC-4802-9A86-F7B886954E4A", "versionEndExcluding": "4.9.337"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E7450AD-4739-46F0-B81B-C02E7B35A97B", "versionEndExcluding": "4.14.303", "versionStartIncluding": "4.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE8904A3-99BE-4E49-9682-1F90A6373F4F", "versionEndExcluding": "4.19.270", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4C9B19E-CA7E-4B02-ADDD-4D572867804E", "versionEndExcluding": "5.4.228", "versionStartIncluding": "4.20"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4AE0903-0CA6-451B-AA7C-0F4B588FFB8A", "versionEndExcluding": "5.10.160", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1926D676-6FAF-4772-8DD6-796AFC3FC120", "versionEndExcluding": "5.15.84", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8761B6C5-F658-46D1-92B8-4ED28F931D6A", "versionEndExcluding": "6.0.14", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21718AA4-4056-40F2-968E-BDAA465A7872"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}

7.8 /10