SB20251226203 - NULL pointer dereference in Linux kernel drivers

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2022-50773)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the snd_mts64_interrupt() function in sound/drivers/mts64.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/0649129359219ce6ff380ec401f87308485c6ae3
• https://git.kernel.org/stable/c/06ec592389f2be3199779ab823c4323dcfd2121f
• https://git.kernel.org/stable/c/1a763c748acd5540ccc43306c57c9c6c5fb60884
• https://git.kernel.org/stable/c/250eed7b9994d79f9c409f954dbd08e88f5afd83
• https://git.kernel.org/stable/c/7e91667db38abb056da5a496d40fbd044c66bed2
• https://git.kernel.org/stable/c/b471fe61da523a15e4cb60fa81f5a2377e4bad98
• https://git.kernel.org/stable/c/c7e9624d90bf20f1eed6b228949396d614b94020
• https://git.kernel.org/stable/c/cba633b24a98d957e8190ef8bc4d4cdb4f6e9313
• https://git.kernel.org/stable/c/cf2ea3c86ad90d63d1c572b43e1ca9276b0357ad
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.303
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.270
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.337
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.163
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.86
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.229
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.16
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.2
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2