CVE-2022-50229
- Source
- https://cve.org/CVERecord?id=CVE-2022-50229
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50229.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-50229
- Downstream
- Related
- Published
- 2025-06-18T11:04:06.069Z
- Modified
- 2026-04-11T12:44:54.878130Z
- Summary
- ALSA: bcd2000: Fix a UAF bug on the error path of probing
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ALSA: bcd2000: Fix a UAF bug on the error path of probing
When the driver fails in sndcardregister() at probe time, it will free the 'bcd2k->midiouturb' before killing it, which may cause a UAF bug.
The following log can reveal it:
[ 50.727020] BUG: KASAN: use-after-free in bcd2000inputcomplete+0x1f1/0x2e0 [sndbcd2000] [ 50.727623] Read of size 8 at addr ffff88810fab0e88 by task swapper/4/0 [ 50.729530] Call Trace: [ 50.732899] bcd2000inputcomplete+0x1f1/0x2e0 [sndbcd2000]
Fix this by adding usbkillurb() before usbfreeurb().
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50229.json" }- References
-
- https://git.kernel.org/stable/c/05e0bb8c3c4dde3e21b9c1cf9395afb04e8b24db
- https://git.kernel.org/stable/c/1d6a246cf97c380f2da76591f03019dd9c9599c3
- https://git.kernel.org/stable/c/348620464a5c127399ac09b266f494f393661952
- https://git.kernel.org/stable/c/4fc41f7ebb7efca282f1740ea934d16f33c1d109
- https://git.kernel.org/stable/c/5e7338f4dd92b2f8915a82abfa1dd3ad3464bea0
- https://git.kernel.org/stable/c/64ca7f50ad96c2c65ae390b954925a36eabe04aa
- https://git.kernel.org/stable/c/a718eba7e458e2f40531be3c6b6a0028ca7fcace
- https://git.kernel.org/stable/c/b0d4af0a4763ddc02344789ef2a281c494bc330d
- https://git.kernel.org/stable/c/ffb2759df7efbc00187bfd9d1072434a13a54139
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50229.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-50229
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb47a22290d581277be70e8a597824a4985d39e83Fixeda718eba7e458e2f40531be3c6b6a0028ca7fcaceFixed4fc41f7ebb7efca282f1740ea934d16f33c1d109Fixed5e7338f4dd92b2f8915a82abfa1dd3ad3464bea0Fixed05e0bb8c3c4dde3e21b9c1cf9395afb04e8b24dbFixed348620464a5c127399ac09b266f494f393661952Fixed64ca7f50ad96c2c65ae390b954925a36eabe04aaFixed1d6a246cf97c380f2da76591f03019dd9c9599c3Fixedb0d4af0a4763ddc02344789ef2a281c494bc330dFixedffb2759df7efbc00187bfd9d1072434a13a54139
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced3.16.0Fixed4.9.326
- Type
- ECOSYSTEM
- Events
-
Introduced4.10.0Fixed4.14.291
- Type
- ECOSYSTEM
- Events
-
Introduced4.15.0Fixed4.19.256
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.211
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.137
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.61
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed5.18.18
- Type
- ECOSYSTEM
- Events
-
Introduced5.19.0Fixed5.19.2