CVE-2022-50229
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-50229
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-50229.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-50229
- Downstream
- Related
- Published
- 2025-06-18T11:15:53Z
- Modified
- 2025-08-09T20:01:26Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ALSA: bcd2000: Fix a UAF bug on the error path of probing
When the driver fails in sndcardregister() at probe time, it will free the 'bcd2k->midiouturb' before killing it, which may cause a UAF bug.
The following log can reveal it:
[ 50.727020] BUG: KASAN: use-after-free in bcd2000inputcomplete+0x1f1/0x2e0 [sndbcd2000] [ 50.727623] Read of size 8 at addr ffff88810fab0e88 by task swapper/4/0 [ 50.729530] Call Trace: [ 50.732899] bcd2000inputcomplete+0x1f1/0x2e0 [sndbcd2000]
Fix this by adding usbkillurb() before usbfreeurb().
- References
-
- https://git.kernel.org/stable/c/05e0bb8c3c4dde3e21b9c1cf9395afb04e8b24db
- https://git.kernel.org/stable/c/1d6a246cf97c380f2da76591f03019dd9c9599c3
- https://git.kernel.org/stable/c/348620464a5c127399ac09b266f494f393661952
- https://git.kernel.org/stable/c/4fc41f7ebb7efca282f1740ea934d16f33c1d109
- https://git.kernel.org/stable/c/5e7338f4dd92b2f8915a82abfa1dd3ad3464bea0
- https://git.kernel.org/stable/c/64ca7f50ad96c2c65ae390b954925a36eabe04aa
- https://git.kernel.org/stable/c/a718eba7e458e2f40531be3c6b6a0028ca7fcace
- https://git.kernel.org/stable/c/b0d4af0a4763ddc02344789ef2a281c494bc330d
- https://git.kernel.org/stable/c/ffb2759df7efbc00187bfd9d1072434a13a54139