CVE-2022-50325

Published: Sep 15, 2025Modified: Dec 4, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGE_CONFIG_GET, memcpy_fromio() could end up copying too many bytes. Fix by utilizing min_t().

Affected (2)

Products: Linux: Linux Kernel

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.18 to 6.0.16
Linux Linux Kernel	From 6.1 to 6.1.2

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (3)

https://git.kernel.org/stable/c/0bad12fee5ae16ab439d97c66c4238f5f4cc7f68

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/23ae34e033b2c0e5e88237af82b163b296fd6aa9

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ec1f0c12cb2e614c3fa8e9402f7ffcf82166078a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.