CVE-2022-49616

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7*-sdw: harden jack_detect_handler Realtek headset codec drivers typically check if the card is instantiated before proceeding with the jack detection. The rt700, rt711 and rt711-sdca are however missing a check on the card pointer, which can lead to NULL dereferences encountered in driver bind/unbind tests.

References

https://git.kernel.org/stable/c/1d75b73ec6d6b705cca528b36d8315e43e8d7fa5

https://git.kernel.org/stable/c/07a606e1389a63b61cb8cd591026f30529117573

https://git.kernel.org/stable/c/0484271ab0ce50649329fa9dc23c50853c5b26a4

Details

Source: Mitre, NVD

Published: 2025-02-26

Updated: 2025-02-26

Risk Information

CVSS v2

Base Score: 6.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium