CVE-2022-49249

HIGH EPSS 16.5%
Published Feb 26, 20251y ago · Modified Jun 17, 20261w ago
7.1 CVSS 3.1
High
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wc938x: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeof(long) is 8 compared to enum size which is 4 bytes. Fix this by using enumerated items instead of integers.

CVSS Details

Base Score
7.1
Exploitability
1.8
Impact
5.2
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
16.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read Memory Safety

Affected Products 3

VendorProductVersionRange
linuxlinux_kernel*≥5.14  –  <5.15.33
linuxlinux_kernel*≥5.16  –  <5.16.19
linuxlinux_kernel*≥5.17  –  <5.17.2

References 4

  • git.kernel.org https://git.kernel.org/stable/c/adafea71b49ec4dbc44e0b84ec6eb602004a7a08
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cc587b7c8fbbe128f6bd0dad025a0caea5e6d164
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d09aee1b1da196be11ed86dd4897f228f2487613
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f03c0c94186d5876857132d97e28f20cdc100bdc
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/adafea71b49ec4dbc44e0b84ec6eb602004a7a08
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cc587b7c8fbbe128f6bd0dad025a0caea5e6d164
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d09aee1b1da196be11ed86dd4897f228f2487613
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f03c0c94186d5876857132d97e28f20cdc100bdc
    Patch