CVE-2022-48917 ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min

2024-08-2201:32:20

Linux

www.cve.org

linux kernel

asoc

vulnerability

snd_soc_put_volsw

platform_max

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min

While the $val/$val2 values passed in from userspace are always >= 0
integers, the limits of the control can be signed integers and the $min
can be non-zero and less than zero. To correctly validate $val/$val2
against platform_max, add the $min offset to val first.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "sound/soc/soc-ops.c"
    ],
    "versions": [
      {
        "version": "40f598698129",
        "lessThan": "69f42e41256d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "586ef863c943",
        "lessThan": "7e0e4bc93811",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "65a61b1f56f5",
        "lessThan": "0b2ecc916347",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "68fd71872428",
        "lessThan": "f3537f1b2bfd",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "a9394f21fba0",
        "lessThan": "6951a5888165",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "9e8895f1b3d4",
        "lessThan": "050b1821f27c",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "bb72d2dda855",
        "lessThan": "70712d5afbbe",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "817f7c9335ec",
        "lessThan": "9bdd10d57a88",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "sound/soc/soc-ops.c"
    ],
    "versions": [
      {
        "version": "4.9.300",
        "lessThan": "4.9.305",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "4.14.265",
        "lessThan": "4.14.270",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "4.19.228",
        "lessThan": "4.19.233",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "5.4.178",
        "lessThan": "5.4.183",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "5.10.99",
        "lessThan": "5.10.104",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "5.15.22",
        "lessThan": "5.15.27",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "5.16.8",
        "lessThan": "5.16.13",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]