Vulnerabilities > CVE-2022-48917 - Unspecified vulnerability in Linux Kernel

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

NVD

Published: 2024-08-22

Updated: 2024-09-12

Summary

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min While the $val/$val2 values passed in from userspace are always >= 0 integers, the limits of the control can be signed integers and the $min can be non-zero and less than zero. To correctly validate $val/$val2 against platform_max, add the $min offset to val first.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 5.16.8 Linux Linux Kernel 5.16.9 Linux Linux Kernel 5.16.10 Linux Linux Kernel 5.16.11 Linux Linux Kernel 5.16.12 Linux Linux Kernel 5.15.22 Linux Linux Kernel 5.15.23 Linux Linux Kernel 5.15.24 Linux Linux Kernel 5.15.25 Linux Linux Kernel 5.15.26 Linux Linux Kernel 5.10.99 Linux Linux Kernel 5.10.100 Linux Linux Kernel 5.10.101 Linux Linux Kernel 5.10.102 Linux Linux Kernel 5.10.103 Linux Linux Kernel 5.4.178 Linux Linux Kernel 5.4.179 Linux Linux Kernel 5.4.180 Linux Linux Kernel 5.4.181 Linux Linux Kernel 5.4.182 Linux Linux Kernel 4.19.228 Linux Linux Kernel 4.19.229 Linux Linux Kernel 4.19.230 Linux Linux Kernel 4.19.231 Linux Linux Kernel 4.19.232 Linux Linux Kernel 4.14.265 Linux Linux Kernel 4.14.266 Linux Linux Kernel 4.14.267 Linux Linux Kernel 4.14.268 Linux Linux Kernel 4.14.269 Linux Linux Kernel 4.9.300 Linux Linux Kernel 4.9.301 Linux Linux Kernel 4.9.302 Linux Linux Kernel 4.9.303 Linux Linux Kernel 4.9.304	35

Summary

Vulnerable Configurations

References