lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025050116-CVE-2022-49772-912e@gregkh> Date: Thu, 1 May 2025 16:09:22 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-49772: ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() snd_usbmidi_output_open() has a check of the NULL port with snd_BUG_ON(). snd_BUG_ON() was used as this shouldn't have happened, but in reality, the NULL port may be seen when the device gives an invalid endpoint setup at the descriptor, hence the driver skips the allocation. That is, the check itself is valid and snd_BUG_ON() should be dropped from there. Otherwise it's confusing as if it were a real bug, as recently syzbot stumbled on it. The Linux kernel CVE team has assigned CVE-2022-49772 to this issue. Affected and fixed versions =========================== Fixed in 4.9.334 with commit 872c9314769e89d8bda74ff3ac584756a45ee752 Fixed in 4.14.300 with commit 368a01e5064c13946d032ab1d65ba95020a39cc5 Fixed in 4.19.267 with commit c43991065f36f7628cd124e037b8750c4617a7a7 Fixed in 5.4.225 with commit e7dc436aea80308a9268e6d2d85f910ff107de9b Fixed in 5.10.156 with commit a80369c8ca50bc885d14386087a834659ec54a54 Fixed in 5.15.80 with commit 02b94885b2fdf1808b1874e009bfb90753f8f4db Fixed in 6.0.10 with commit 00f5f1bbf815a39e9eecb468d12ca55d3360eb10 Fixed in 6.1 with commit ad72c3c3f6eb81d2cb189ec71e888316adada5df Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49772 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: sound/usb/midi.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/872c9314769e89d8bda74ff3ac584756a45ee752 https://git.kernel.org/stable/c/368a01e5064c13946d032ab1d65ba95020a39cc5 https://git.kernel.org/stable/c/c43991065f36f7628cd124e037b8750c4617a7a7 https://git.kernel.org/stable/c/e7dc436aea80308a9268e6d2d85f910ff107de9b https://git.kernel.org/stable/c/a80369c8ca50bc885d14386087a834659ec54a54 https://git.kernel.org/stable/c/02b94885b2fdf1808b1874e009bfb90753f8f4db https://git.kernel.org/stable/c/00f5f1bbf815a39e9eecb468d12ca55d3360eb10 https://git.kernel.org/stable/c/ad72c3c3f6eb81d2cb189ec71e888316adada5df
Powered by blists - more mailing lists