CVE-2022-48951

Sažetak

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to the first channel, meaning it is possible to write out of bounds values to the second channel in stereo controls. Add appropriate checks.

Reference

https://git.kernel.org/stable/c/1798b62d642e7b3d4ea3403914c3caf4e438465d
https://git.kernel.org/stable/c/18a168d85eadcfd45f015b5ecd2a97801b959e43
https://git.kernel.org/stable/c/50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98
https://git.kernel.org/stable/c/56288987843c3cb343e81e5fa51549cbaf541bd0
https://git.kernel.org/stable/c/9796d07c753164b7e6b0d7ef23fb4482840a9ef8
https://git.kernel.org/stable/c/97eea946b93961fffd29448dcda7398d0d51c4b2
https://git.kernel.org/stable/c/cf1c225f1927891ae388562b78ced7840c3723b9
https://git.kernel.org/stable/c/cf611d786796ec33da09d8c83d7d7f4e557b27de

CVSS

Base:	7.8
Impact:	5.9
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

25-10-2024 - 20:01

Objavljeno

21-10-2024 - 20:15