CVE-2022-48701

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-48701
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48701.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-48701
Downstream
Related
Published
2024-05-03T15:12:34.160Z
Modified
2026-03-14T12:00:40.003846Z
Summary
ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()
Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Fix an out-of-bounds bug in __sndusbparseaudiointerface()

There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsing the interface descriptor for this device.

Fix this by checking the number of interfaces.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/48xxx/CVE-2022-48701.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
b9d43bcd061956c8144bcb453d07d13236b6ab28
Fixed
b970518014f2f0f6c493fb86c1e092b936899061
Fixed
91904870370fd986c29719846ed76d559de43251
Fixed
2a308e415d247a23d4d64c964c02e782eede2936
Fixed
0492798bf8dfcc09c9337a1ba065da1d1ca68712
Fixed
6123bec8480d23369e2ee0b2208611619f269faf
Fixed
98e8e67395cc6d0cdf3a771f86ea42d0ee6e59dd
Fixed
8293e61bbf908b18ff9935238d4fc2ad359e3fe0
Fixed
e53f47f6c1a56d2af728909f1cb894da6b43d9bf

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48701.json"