CVE-2022-48716
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-48716
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48716.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-48716
- Downstream
- Related
- Published
- 2024-06-20T11:13:09Z
- Modified
- 2025-10-21T08:21:06.613811Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- ASoC: codecs: wcd938x: fix incorrect used of portid
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ASoC: codecs: wcd938x: fix incorrect used of portid
Mixer controls have the channel id in mixer->reg, which is not same as port id. port id should be derived from chaninfo array. So fix this. Without this, its possible that we could corrupt struct wcd938xsdwpriv by accessing portmap array out of range with channel id instead of port id.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede8ba1e05bdc016700c85fad559a812c2e795442fFixedaa7152f9f117b3e66b3c0d4158ca4c6d46ab229f
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede8ba1e05bdc016700c85fad559a812c2e795442fFixed9167f2712dc8c24964840a4d1e2ebf130e846b95
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede8ba1e05bdc016700c85fad559a812c2e795442fFixedc5c1546a654f613e291a7c5d6f3660fc1eb6d0c7
Affected versions
v5.*
v5.13
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.3
v5.15.4
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
Database specific
vanir_signatures
[
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "334508300897706385551615272877324844252",
"length": 357.0
},
"target": {
"function": "wcd938x_get_swr_port",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-0b085ab7",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9167f2712dc8c24964840a4d1e2ebf130e846b95",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "39958626881346700390483368544468624242",
"length": 216.0
},
"target": {
"function": "wcd938x_connect_port",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-3c74b4ea",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c5c1546a654f613e291a7c5d6f3660fc1eb6d0c7",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"196361755736386733401734877797331558390",
"119030772096482029532961001806884339267",
"185500778618325334177336373213411211780",
"55896616350524776590701785675309598656",
"242380106328944831988584230357801163554",
"59357653239788848191346551526554282498",
"13852499842108131919910597128967403766",
"27571672534562604736560534915798670874",
"109117756114715631952377845960833069553",
"247701655187476203105815098819107471921",
"245153341431177814057654952093785106380",
"203187862245436608073008938721355285602",
"108419571090011544539735882310831887174",
"301583436003207380947229176695565733772",
"157353853658580994309969079725755077641",
"196633824475796216743901852643655126046",
"90577709477801430249477438429207714279",
"170406713802535037392852090958471320497",
"303905932524948478086434139703989939400",
"192162647781243397406046847678852615554",
"251495549319639960539746404356419788158",
"162032666658838296434941874187705576953",
"295560039881960324073683136710897687556",
"7874581197549915074464333049682708796",
"144168711686579051208536302763906070677",
"112913145889274157506972742349204245333",
"237173140009623071927723534457617464342",
"49309239220243580336208705654957063402",
"191943465766716687632244576877888723803",
"244792665710452218748687464487912159880",
"150964130374749641495728743539654006291",
"295561774055654844680790224996407231957",
"245508486586186455370613835983946688472",
"165192252308874075836968223402017585648",
"227663634282286721138231096542748849152",
"142823626242594272649364038683305034426"
],
"threshold": 0.9
},
"target": {
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-3d450d41",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9167f2712dc8c24964840a4d1e2ebf130e846b95",
"signature_type": "Line"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "39958626881346700390483368544468624242",
"length": 216.0
},
"target": {
"function": "wcd938x_connect_port",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-538e9fc6",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9167f2712dc8c24964840a4d1e2ebf130e846b95",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "153770625143467556416149131117325771221",
"length": 443.0
},
"target": {
"function": "wcd938x_set_swr_port",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-54160a04",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aa7152f9f117b3e66b3c0d4158ca4c6d46ab229f",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"196361755736386733401734877797331558390",
"119030772096482029532961001806884339267",
"185500778618325334177336373213411211780",
"55896616350524776590701785675309598656",
"242380106328944831988584230357801163554",
"59357653239788848191346551526554282498",
"13852499842108131919910597128967403766",
"27571672534562604736560534915798670874",
"109117756114715631952377845960833069553",
"247701655187476203105815098819107471921",
"245153341431177814057654952093785106380",
"203187862245436608073008938721355285602",
"108419571090011544539735882310831887174",
"301583436003207380947229176695565733772",
"157353853658580994309969079725755077641",
"196633824475796216743901852643655126046",
"90577709477801430249477438429207714279",
"170406713802535037392852090958471320497",
"303905932524948478086434139703989939400",
"192162647781243397406046847678852615554",
"251495549319639960539746404356419788158",
"162032666658838296434941874187705576953",
"295560039881960324073683136710897687556",
"7874581197549915074464333049682708796",
"144168711686579051208536302763906070677",
"112913145889274157506972742349204245333",
"237173140009623071927723534457617464342",
"49309239220243580336208705654957063402",
"191943465766716687632244576877888723803",
"244792665710452218748687464487912159880",
"150964130374749641495728743539654006291",
"295561774055654844680790224996407231957",
"245508486586186455370613835983946688472",
"165192252308874075836968223402017585648",
"227663634282286721138231096542748849152",
"142823626242594272649364038683305034426"
],
"threshold": 0.9
},
"target": {
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-81f56c16",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aa7152f9f117b3e66b3c0d4158ca4c6d46ab229f",
"signature_type": "Line"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "153770625143467556416149131117325771221",
"length": 443.0
},
"target": {
"function": "wcd938x_set_swr_port",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-abae3d99",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9167f2712dc8c24964840a4d1e2ebf130e846b95",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "334508300897706385551615272877324844252",
"length": 357.0
},
"target": {
"function": "wcd938x_get_swr_port",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-bbf444ca",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aa7152f9f117b3e66b3c0d4158ca4c6d46ab229f",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "170406039122437364242462793825141288817",
"length": 498.0
},
"target": {
"function": "wcd938x_set_compander",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-c935bab0",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9167f2712dc8c24964840a4d1e2ebf130e846b95",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "170406039122437364242462793825141288817",
"length": 498.0
},
"target": {
"function": "wcd938x_set_compander",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-cf2852d3",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aa7152f9f117b3e66b3c0d4158ca4c6d46ab229f",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "153770625143467556416149131117325771221",
"length": 443.0
},
"target": {
"function": "wcd938x_set_swr_port",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-d49632a9",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c5c1546a654f613e291a7c5d6f3660fc1eb6d0c7",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "170406039122437364242462793825141288817",
"length": 498.0
},
"target": {
"function": "wcd938x_set_compander",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-d90e7840",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c5c1546a654f613e291a7c5d6f3660fc1eb6d0c7",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "334508300897706385551615272877324844252",
"length": 357.0
},
"target": {
"function": "wcd938x_get_swr_port",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-ea0e3a26",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c5c1546a654f613e291a7c5d6f3660fc1eb6d0c7",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"function_hash": "39958626881346700390483368544468624242",
"length": 216.0
},
"target": {
"function": "wcd938x_connect_port",
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-f8468166",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aa7152f9f117b3e66b3c0d4158ca4c6d46ab229f",
"signature_type": "Function"
},
{
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"196361755736386733401734877797331558390",
"119030772096482029532961001806884339267",
"185500778618325334177336373213411211780",
"55896616350524776590701785675309598656",
"242380106328944831988584230357801163554",
"59357653239788848191346551526554282498",
"13852499842108131919910597128967403766",
"27571672534562604736560534915798670874",
"109117756114715631952377845960833069553",
"247701655187476203105815098819107471921",
"245153341431177814057654952093785106380",
"203187862245436608073008938721355285602",
"108419571090011544539735882310831887174",
"301583436003207380947229176695565733772",
"157353853658580994309969079725755077641",
"196633824475796216743901852643655126046",
"90577709477801430249477438429207714279",
"170406713802535037392852090958471320497",
"303905932524948478086434139703989939400",
"192162647781243397406046847678852615554",
"251495549319639960539746404356419788158",
"162032666658838296434941874187705576953",
"295560039881960324073683136710897687556",
"7874581197549915074464333049682708796",
"144168711686579051208536302763906070677",
"112913145889274157506972742349204245333",
"237173140009623071927723534457617464342",
"49309239220243580336208705654957063402",
"191943465766716687632244576877888723803",
"244792665710452218748687464487912159880",
"150964130374749641495728743539654006291",
"295561774055654844680790224996407231957",
"245508486586186455370613835983946688472",
"165192252308874075836968223402017585648",
"227663634282286721138231096542748849152",
"142823626242594272649364038683305034426"
],
"threshold": 0.9
},
"target": {
"file": "sound/soc/codecs/wcd938x.c"
},
"id": "CVE-2022-48716-fdf189b4",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c5c1546a654f613e291a7c5d6f3660fc1eb6d0c7",
"signature_type": "Line"
}
]