{"id":"CVE-2022-48917","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Shift tested values in snd_soc_put_volsw() by +min\n\nWhile the $val/$val2 values passed in from userspace are always \u003e= 0\nintegers, the limits of the control can be signed integers and the $min\ncan be non-zero and less than zero. To correctly validate $val/$val2\nagainst platform_max, add the $min offset to val first.","modified":"2025-05-10T18:55:29.641389Z","published":"2024-08-22T02:15:05Z","withdrawn":"2025-05-10T18:55:29.641389Z","related":["SUSE-SU-2024:3190-1","SUSE-SU-2024:3209-1","SUSE-SU-2024:3225-1","SUSE-SU-2024:3227-1","SUSE-SU-2024:3249-1","SUSE-SU-2024:3408-1","SUSE-SU-2024:3483-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/050b1821f27c5d4fd5a298f6e62c3d3c9335e622"},{"type":"FIX","url":"https://git.kernel.org/stable/c/0b2ecc9163472128e7f30b517bee92dcd27ffc34"},{"type":"FIX","url":"https://git.kernel.org/stable/c/6951a5888165a38bb7c39a2d18f5668b2f1241c7"},{"type":"FIX","url":"https://git.kernel.org/stable/c/69f42e41256d5a234d3ae0d35fa66dc6d8171846"},{"type":"FIX","url":"https://git.kernel.org/stable/c/70712d5afbbea898d5f51fa02e315fe0a4835043"},{"type":"FIX","url":"https://git.kernel.org/stable/c/7e0e4bc93811cf600508ff36f07abea7b40643ed"},{"type":"FIX","url":"https://git.kernel.org/stable/c/9bdd10d57a8807dba0003af0325191f3cec0f11c"},{"type":"FIX","url":"https://git.kernel.org/stable/c/f3537f1b2bfd3b1df15723df49fc26eccd5112fe"},{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2022-48917"}],"affected":[{"package":{"name":"linux","ecosystem":"Debian:11","purl":"pkg:deb/debian/linux?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.10.106-1"}]}],"versions":["5.10.103-1","5.10.103-1~bpo10+1","5.10.46-4","5.10.46-5","5.10.70-1","5.10.70-1~bpo10+1","5.10.84-1","5.10.92-1","5.10.92-1~bpo10+1","5.10.92-2"],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48917.json"}},{"package":{"name":"linux","ecosystem":"Debian:12","purl":"pkg:deb/debian/linux?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.16.14-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48917.json"}},{"package":{"name":"linux","ecosystem":"Debian:13","purl":"pkg:deb/debian/linux?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.16.14-1"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48917.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}