CVE-2022-48739

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iec_status array by changing it to the size of status array of the struct snd_aes_iec958. This fixes out-of-bounds slab read accesses made by memcpy() of the hdmi-codec driver. This problem is reported by KASAN.

References

https://git.kernel.org/stable/c/1552e66be325a21d7eff49f46013fb402165a0ac

https://git.kernel.org/stable/c/10007bd96b6c4c3cfaea9e76c311b06a07a5e260

https://git.kernel.org/stable/c/06feec6005c9d9500cd286ec440aabf8b2ddd94d

Details

Source: Mitre, NVD

Published: 2024-06-20

Updated: 2024-06-20

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium