CVE-2022-50115
- Source
- https://cve.org/CVERecord?id=CVE-2022-50115
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50115.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-50115
- Downstream
- Related
- Published
- 2025-06-18T11:02:46.759Z
- Modified
- 2026-03-12T03:26:10.535779Z
- Summary
- ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via load_bytes
We have sanity checks for byte controls and if any of the fail the locally allocated scontrol->ipccontroldata is freed up, but not set to NULL.
On a rollback path of the error the higher level code will also try to free the scontrol->ipccontroldata which will eventually going to lead to memory corruption as double freeing memory is not a good thing.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50115.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/8463986b54295e6b65ddf2b7c65627d01ce7643b
- https://git.kernel.org/stable/c/c2eddfcafcffaf1b9245ea0dde9143bbfb47d5d1
- https://git.kernel.org/stable/c/d5bd47f3ca124058a8e87eae4508afeda2132611
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50115.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-50115