SB20240620176 - Out-of-bounds read in Linux kernel soc
Published: June 20, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240620176
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2022-48736)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snd_soc_put_xr_sx() function in sound/soc/soc-ops.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/17e16a66b4f9a310713d8599e6e1ca4a0c9fd28c
- https://git.kernel.org/stable/c/54abca038e287d3746dd40016514670a7f654c5c
- https://git.kernel.org/stable/c/7659f25a80e6affb784b690df8994b79b4212fd4
- https://git.kernel.org/stable/c/fd9a23319f16e7031f0d8c98eed6e093c2927229
- https://git.kernel.org/stable/c/6877f87579ed830f9ff6d478539074f035d04bfb
- https://git.kernel.org/stable/c/b0a7836ecf1345814a7d8ef748fb797c520dad18
- https://git.kernel.org/stable/c/e09cf398e8c6db69c620b6d8073abc4377a07af5
- https://git.kernel.org/stable/c/4cf28e9ae6e2e11a044be1bcbcfa1b0d8675fe4d
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.265
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.228
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.300
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.22
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.8
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.178