{"id":"CVE-2022-48951","summary":"ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()\n\nThe bounds checks in snd_soc_put_volsw_sx() are only being applied to the\nfirst channel, meaning it is possible to write out of bounds values to the\nsecond channel in stereo controls. Add appropriate checks.","modified":"2026-03-20T12:22:02.812095Z","published":"2024-10-21T20:05:39.092Z","related":["SUSE-SU-2024:3983-1","SUSE-SU-2024:3985-1","SUSE-SU-2024:4082-1","SUSE-SU-2024:4100-1","SUSE-SU-2024:4131-1","SUSE-SU-2024:4364-1","SUSE-SU-2025:0034-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48951.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1798b62d642e7b3d4ea3403914c3caf4e438465d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/18a168d85eadcfd45f015b5ecd2a97801b959e43"},{"type":"WEB","url":"https://git.kernel.org/stable/c/50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98"},{"type":"WEB","url":"https://git.kernel.org/stable/c/56288987843c3cb343e81e5fa51549cbaf541bd0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9796d07c753164b7e6b0d7ef23fb4482840a9ef8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/97eea946b93961fffd29448dcda7398d0d51c4b2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cf1c225f1927891ae388562b78ced7840c3723b9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cf611d786796ec33da09d8c83d7d7f4e557b27de"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48951.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48951"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"9e5c40b5706d8aae2cf70bd7e01f0b4575a642d0"},{"fixed":"56288987843c3cb343e81e5fa51549cbaf541bd0"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4977491e4b3aad8567f57e2a9992d251410c1db3"},{"fixed":"cf1c225f1927891ae388562b78ced7840c3723b9"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"9a12fcbf3c622f9bf6b110a873d62b0cba93972e"},{"fixed":"18a168d85eadcfd45f015b5ecd2a97801b959e43"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c33402b056de61104b6146dedbe138ca8d7ec62b"},{"fixed":"9796d07c753164b7e6b0d7ef23fb4482840a9ef8"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"038f8b7caa74d29e020949a43ca368c93f6b29b9"},{"fixed":"50b5f6d4d9d2d69a7498c44fd8b26e13d73d3d98"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"e8e07c5e25a29e2a6f119fd947f55d7a55eb8a13"},{"fixed":"cf611d786796ec33da09d8c83d7d7f4e557b27de"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4f1e50d6a9cf9c1b8c859d449b5031cacfa8404e"},{"fixed":"1798b62d642e7b3d4ea3403914c3caf4e438465d"},{"fixed":"97eea946b93961fffd29448dcda7398d0d51c4b2"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"ef6cd9eeb38062a145802b7b56be7ae1090e165e"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-48951.json"}}],"schema_version":"1.7.5"}