CRITICAL🇵🇱 Wersja polska

CVE-2022-48716

CVSS 9.8v3.1pub. 2024-06-20upd. 2025-04-01

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer->reg, which is not same as port id. port id should be derived from chan_info array. So fix this. Without this, its possible that we could corrupt struct wcd938x_sdw_priv by accessing port_map array out of range with channel id instead of port id.

🤖 AI Analysis
How it works

Mixer controls store a channel identifier in the mixer->reg field, which is not identical to the port identifier. The correct port id should be retrieved from the chan_info array. Incorrect use of channel id instead of port id for indexing the port_map array can cause out-of-bounds write or read operations, leading to corruption of the wcd938x_sdw_priv structure. This is a classic case of uncontrolled resource consumption or memory corruption (CWE-400).

Impact

Local attackers or malicious processes can cause memory corruption in the kernel, which may result in privilege escalation, system instability, or system crash. In extreme cases, full system control is possible.

Mitigation & patch

Apply patches available from the vendor according to references — fixes have been published in the Linux kernel stable repository under commits: 9167f2712dc8, aa7152f9f117, and c5c1546a654f. It is recommended to update the kernel to a version containing the indicated patches.

Who is affected

Linux kernel containing the ASoC driver for the wcd938x codec — specific versions indicated in vendor references (commits in the Linux kernel stable repository).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Linux Kernel

    OS
    Linux
    5.175.14 – 5.15.22 (bez)5.16 – 5.16.8 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP

CVE-2022-47986CRITICAL9.8⚠ KEVten sam produkt

IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on t...

CVE-2022-22954CRITICAL9.8⚠ KEVten sam produkt

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-s...

CVE-2020-4006CRITICAL9.1⚠ KEVten sam produkt

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a...