LinuxVULNRICHMENT:CVE-2022-48717

HistoryJun 20, 2024 - 11:13 a.m.

CVE-2022-48717 ASoC: max9759: fix underflow in speaker_gain_control_put()

2024-06-2011:13:09

Linux

github.com

linux kernel

underflow vulnerability

asoc max9759

AI Score

6.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

In the Linux kernel, the following vulnerability has been resolved:

ASoC: max9759: fix underflow in speaker_gain_control_put()

Check for negative values of “priv->gain” to prevent an out of bounds
access. The concern is that these might come from the user via:
-> snd_ctl_elem_write_user()
-> snd_ctl_elem_write()
-> kctl->put()

References

git.kernel.org/stable/c/4c907bcd9dcd233da6707059d777ab389dcbd964

git.kernel.org/stable/c/5a45448ac95b715173edb1cd090ff24b6586d921

git.kernel.org/stable/c/71e60c170105d153e34d01766c1e4db26a4b24cc

git.kernel.org/stable/c/a0f49d12547d45ea8b0f356a96632dd503941c1e

git.kernel.org/stable/c/baead410e5db49e962a67fffc17ac30e44b50b7c

git.kernel.org/stable/c/f114fd6165dfb52520755cc4d1c1dfbd447b88b6