SB20240620178 - Out-of-bounds read in Linux kernel soc
Published: June 20, 2024 Updated: May 13, 2025
Security Bulletin ID
SB20240620178
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2022-48738)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the snd_soc_put_volsw() function in sound/soc/soc-ops.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/40f598698129b5ceaf31012f9501b775c7b6e57d
- https://git.kernel.org/stable/c/586ef863c94354a7e00e5ae5ef01443d1dc99bc7
- https://git.kernel.org/stable/c/65a61b1f56f5386486757930069fbdce94af08bf
- https://git.kernel.org/stable/c/68fd718724284788fc5f379e0b7cac541429ece7
- https://git.kernel.org/stable/c/a9394f21fba027147bf275b083c77955864c366a
- https://git.kernel.org/stable/c/9e8895f1b3d4433f6d78aa6578e9db61ca6e6830
- https://git.kernel.org/stable/c/bb72d2dda85564c66d909108ea6903937a41679d
- https://git.kernel.org/stable/c/817f7c9335ec01e0f5e8caffc4f1dcd5e458a4c0
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.265
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.228
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.300
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.99
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.22
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.8
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.178