CVE-2022-48992

ASoC: soc-pcm: Add NULL check in BE reparenting

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-pcm: Add NULL check in BE reparenting Add NULL check in dpcm_be_reparent API, to handle kernel NULL pointer dereference error. The issue occurred in fuzzing test.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/0760acc2e6598ad4f7bd3662db2d907ef0838139 patch
https://git.kernel.org/stable/c/d4dd21a79dbb862d2ebcf9ed90e646416009ff0d patch
https://git.kernel.org/stable/c/e7166d6821c15f3516bcac8ae3f155924da1908c patch
https://git.kernel.org/stable/c/f2ba66d8738584d124aff4e760ed1337f5f6dfb6 patch
https://git.kernel.org/stable/c/f6f45e538328df9ce66aa61bafee1a5717c4b700 patch
https://git.kernel.org/stable/c/9f74b9aa8d58c18927bb9b65dd5ba70a5fd61615 patch
https://git.kernel.org/stable/c/34a9796bf0684bfd54e96a142560d560c21c983b patch
https://git.kernel.org/stable/c/db8f91d424fe0ea6db337aca8bc05908bbce1498 patch

Frequently Asked Questions

What is the severity of CVE-2022-48992?
CVE-2022-48992 has been scored as a medium severity vulnerability.
How to fix CVE-2022-48992?
To fix CVE-2022-48992, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-48992 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-48992 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-48992?
CVE-2022-48992 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.