CVE-2022-50049

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ASoC: DPCM: Don&amp;#39;t pick up BE without substream<br /> <br /> When DPCM tries to add valid BE connections at dpcm_add_paths(), it<br /> doesn&amp;#39;t check whether the picked BE actually supports for the given<br /> stream direction. Due to that, when an asymmetric BE stream is<br /> present, it picks up wrongly and this may result in a NULL dereference<br /> at a later point where the code assumes the existence of a<br /> corresponding BE substream.<br /> <br /> This patch adds the check for the presence of the substream for the<br /> target BE for avoiding the problem above.<br /> <br /> Note that we have already some fix for non-existing BE substream at<br /> commit 6246f283d5e0 ("ASoC: dpcm: skip missing substream while<br /> applying symmetry"). But the code path we&amp;#39;ve hit recently is rather<br /> happening before the previous fix. So this patch tries to fix at<br /> picking up a BE instead of parsing BE lists.