Main Vulnerability Database SB20250916115

SB20250916115 - Use-after-free in Linux kernel intel boards

Published: September 16, 2025 Updated: September 22, 2025

Security Bulletin ID SB20250916115

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Use-after-free (CVE-ID: CVE-2022-50305)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sof_es8336_remove() function in sound/soc/intel/boards/sof_es8336.c. A local user can escalate privileges on the system.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/1b41beaa7a58467505ec3023af8aad74f878b888
https://git.kernel.org/stable/c/390a1a98288a53b2e7555097d83c6e55d579b166
https://git.kernel.org/stable/c/b85102a3aa3810a09eb55692e8cd6ffbb304e57d
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.16