CVE-2022-1048

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-1048

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1048.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-1048

Downstream

DEBIAN-CVE-2022-1048

DSA-5127-1

DSA-5173-1

OESA-2022-1727

RHSA-2022:7444

RHSA-2022:7683

RHSA-2022:7933

RHSA-2022:8267

RHSA-2024:4107

SUSE-SU-2022:1163-1

SUSE-SU-2022:1183-1

SUSE-SU-2022:1196-1

SUSE-SU-2022:1197-1

SUSE-SU-2022:1255-1

SUSE-SU-2022:1256-1

SUSE-SU-2022:1257-1

SUSE-SU-2022:1266-1

SUSE-SU-2022:1267-1

SUSE-SU-2022:1270-1

SUSE-SU-2022:1283-1

SUSE-SU-2022:1402-1

SUSE-SU-2022:1407-1

SUSE-SU-2022:1939-1

SUSE-SU-2022:1942-1

SUSE-SU-2022:1945-1

SUSE-SU-2022:1947-1

SUSE-SU-2022:1948-1

SUSE-SU-2022:1955-1

SUSE-SU-2022:1974-1

SUSE-SU-2022:2000-1

SUSE-SU-2022:2006-1

SUSE-SU-2023:0416-1

SUSE-SU-2025:0983-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025:1293-1

UBUNTU-CVE-2022-1048

USN-5381-1

USN-5469-1

USN-5560-1

USN-5560-2

USN-5562-1

USN-5582-1

USN-5856-1

Related

Published

2022-04-29T16:15:08Z

Modified

2025-08-09T20:01:28Z

Severity

7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hwparams. The hwfree ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.

References

Affected packages