CVE-2022-48717
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/06/2024
Last modified:
20/06/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
ASoC: max9759: fix underflow in speaker_gain_control_put()<br />
<br />
Check for negative values of "priv->gain" to prevent an out of bounds<br />
access. The concern is that these might come from the user via:<br />
-> snd_ctl_elem_write_user()<br />
-> snd_ctl_elem_write()<br />
-> kctl->put()
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/4c907bcd9dcd233da6707059d777ab389dcbd964
- https://git.kernel.org/stable/c/5a45448ac95b715173edb1cd090ff24b6586d921
- https://git.kernel.org/stable/c/71e60c170105d153e34d01766c1e4db26a4b24cc
- https://git.kernel.org/stable/c/a0f49d12547d45ea8b0f356a96632dd503941c1e
- https://git.kernel.org/stable/c/baead410e5db49e962a67fffc17ac30e44b50b7c
- https://git.kernel.org/stable/c/f114fd6165dfb52520755cc4d1c1dfbd447b88b6