| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025022650-CVE-2022-49045-7d21@gregkh> Date: Wed, 26 Feb 2025 02:54:10 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2022-49045: ALSA: pcm: Test for "silence" field in struct "pcm_format_data" Description =========== In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Test for "silence" field in struct "pcm_format_data" Syzbot reports "KASAN: null-ptr-deref Write in snd_pcm_format_set_silence".[1] It is due to missing validation of the "silence" field of struct "pcm_format_data" in "pcm_formats" array. Add a test for valid "pat" and, if it is not so, return -EINVAL. [1] https://lore.kernel.org/lkml/000000000000d188ef05dc2c7279@google.com/ The Linux kernel CVE team has assigned CVE-2022-49045 to this issue. Affected and fixed versions =========================== Fixed in 4.9.311 with commit 77af45df08768401602472f3e3879dce14f55497 Fixed in 4.14.276 with commit c3b2f23bfe5452b00eb1c842bc71098449e4ad9f Fixed in 4.19.239 with commit eb04e3112a3516e483d60a9af9762961702a6c1b Fixed in 5.4.190 with commit 377a80ca6590f40ec8a85227b889a5d399fe26c3 Fixed in 5.10.112 with commit 912797e54c99a98f0722f21313e13a3938bb6dba Fixed in 5.15.35 with commit 63038f6e96a77a0abf8083649c53e6a72c1a0124 Fixed in 5.17.4 with commit 97345c90235b1bb7661e7a428d9dcb96b1d7f5d4 Fixed in 5.18 with commit 2f7a26abb8241a0208c68d22815aa247c5ddacab Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49045 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: sound/core/pcm_misc.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/77af45df08768401602472f3e3879dce14f55497 https://git.kernel.org/stable/c/c3b2f23bfe5452b00eb1c842bc71098449e4ad9f https://git.kernel.org/stable/c/eb04e3112a3516e483d60a9af9762961702a6c1b https://git.kernel.org/stable/c/377a80ca6590f40ec8a85227b889a5d399fe26c3 https://git.kernel.org/stable/c/912797e54c99a98f0722f21313e13a3938bb6dba https://git.kernel.org/stable/c/63038f6e96a77a0abf8083649c53e6a72c1a0124 https://git.kernel.org/stable/c/97345c90235b1bb7661e7a428d9dcb96b1d7f5d4 https://git.kernel.org/stable/c/2f7a26abb8241a0208c68d22815aa247c5ddacab
Powered by blists - more mailing lists