CVE-2022-49617

26.02.2025, 07:01

In the Linux kernel, the following vulnerability has been resolved:

ASoC: Intel: sof_sdw: handle errors on card registration

If the card registration fails, typically because of deferred probes,
the device properties added for headset codecs are not removed, which
leads to kernel oopses in driver bind/unbind tests.

We already clean-up the device properties when the card is removed,
this code can be moved as a helper and called upon card registration
errors.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 6%

Debian Releases

Debian Product

Codename

linux

bullseye	vulnerable
bullseye (security)	vulnerable
bookworm	6.1.123-1 fixed
bookworm (security)	6.1.128-1 fixed
trixie	6.12.12-1 fixed
sid	6.12.16-1 fixed

References

https://git.kernel.org/stable/c/09bca0ffc95c50369f1345d80ecfaca51864126f

https://git.kernel.org/stable/c/f2556ce6b35ae0fc72000a4daa21ded12665e2f2

https://git.kernel.org/stable/c/fe154c4ff376bc31041c6441958a08243df09c99