cve/published/2022/CVE-2022-49498.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2022-49498: ALSA: pcm: Check for null pointer of pointer substream before dereferencing it

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 ALSA: pcm: Check for null pointer of pointer substream before dereferencing it

 Pointer substream is being dereferenced on the assignment of pointer card
 before substream is being null checked with the macro PCM_RUNTIME_CHECK.
 Although PCM_RUNTIME_CHECK calls BUG_ON, it still is useful to perform the
 the pointer check before card is assigned.

 The Linux kernel CVE team has assigned CVE-2022-49498 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 5.6 with commit d4cfb30fce03093ad944e0b44bd8f40bdad5330e and fixed in 5.10.121 with commit f2c68c52898f623fe84518da4606538d193b0cca
 	Issue introduced in 5.6 with commit d4cfb30fce03093ad944e0b44bd8f40bdad5330e and fixed in 5.15.46 with commit 7784d22f81a29df2ec57ca90d54f93a35cbcd1a2
 	Issue introduced in 5.6 with commit d4cfb30fce03093ad944e0b44bd8f40bdad5330e and fixed in 5.17.14 with commit 1f2e28857be1e5c7db39bbc221332215fc5467e3
 	Issue introduced in 5.6 with commit d4cfb30fce03093ad944e0b44bd8f40bdad5330e and fixed in 5.18.3 with commit b41ef7ad9238c22aa2e142f5ce4ce1a1a0d48123
 	Issue introduced in 5.6 with commit d4cfb30fce03093ad944e0b44bd8f40bdad5330e and fixed in 5.19 with commit 011b559be832194f992f73d6c0d5485f5925a10b

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2022-49498
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	sound/core/pcm_memory.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/b2421a196cb0911ea95aec1050a0b830464c8fa6
 	https://git.kernel.org/stable/c/f2c68c52898f623fe84518da4606538d193b0cca
 	https://git.kernel.org/stable/c/7784d22f81a29df2ec57ca90d54f93a35cbcd1a2
 	https://git.kernel.org/stable/c/1f2e28857be1e5c7db39bbc221332215fc5467e3
 	https://git.kernel.org/stable/c/b41ef7ad9238c22aa2e142f5ce4ce1a1a0d48123
 	https://git.kernel.org/stable/c/011b559be832194f992f73d6c0d5485f5925a10b
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2022-49498: ALSA: pcm: Check for null pointer of pointer substream before dereferencing it

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	ALSA: pcm: Check for null pointer of pointer substream before dereferencing it

	Pointer substream is being dereferenced on the assignment of pointer card
	before substream is being null checked with the macro PCM_RUNTIME_CHECK.
	Although PCM_RUNTIME_CHECK calls BUG_ON, it still is useful to perform the
	the pointer check before card is assigned.

	The Linux kernel CVE team has assigned CVE-2022-49498 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 5.6 with commit d4cfb30fce03093ad944e0b44bd8f40bdad5330e and fixed in 5.10.121 with commit f2c68c52898f623fe84518da4606538d193b0cca
	Issue introduced in 5.6 with commit d4cfb30fce03093ad944e0b44bd8f40bdad5330e and fixed in 5.15.46 with commit 7784d22f81a29df2ec57ca90d54f93a35cbcd1a2
	Issue introduced in 5.6 with commit d4cfb30fce03093ad944e0b44bd8f40bdad5330e and fixed in 5.17.14 with commit 1f2e28857be1e5c7db39bbc221332215fc5467e3
	Issue introduced in 5.6 with commit d4cfb30fce03093ad944e0b44bd8f40bdad5330e and fixed in 5.18.3 with commit b41ef7ad9238c22aa2e142f5ce4ce1a1a0d48123
	Issue introduced in 5.6 with commit d4cfb30fce03093ad944e0b44bd8f40bdad5330e and fixed in 5.19 with commit 011b559be832194f992f73d6c0d5485f5925a10b

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2022-49498
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	sound/core/pcm_memory.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/b2421a196cb0911ea95aec1050a0b830464c8fa6
	https://git.kernel.org/stable/c/f2c68c52898f623fe84518da4606538d193b0cca
	https://git.kernel.org/stable/c/7784d22f81a29df2ec57ca90d54f93a35cbcd1a2
	https://git.kernel.org/stable/c/1f2e28857be1e5c7db39bbc221332215fc5467e3
	https://git.kernel.org/stable/c/b41ef7ad9238c22aa2e142f5ce4ce1a1a0d48123
	https://git.kernel.org/stable/c/011b559be832194f992f73d6c0d5485f5925a10b