CVE-2022-49250

high

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing compander for aux AUX interpolator does not have compander, so check before accessing compander data for this. Without this checkan array of out bounds access will be made in comp_enabled[] array.

References

https://git.kernel.org/stable/c/9208ecc703b5ed5b12d7ea13c79207f4c8456638

https://git.kernel.org/stable/c/87a2b44cb3005d30c3a72234d1e47b03ae3bb29a

https://git.kernel.org/stable/c/6aa8ef9535dbd561293406608ebe791627b10196

https://git.kernel.org/stable/c/42c709c4e1ce4c136891530646c9abd5dff3524f

Details

Source: Mitre, NVD

Published: 2025-02-26

Updated: 2025-02-26

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High