SB20251230240 - NULL pointer dereference in Linux kernel soc pxa

Description

This security bulletin contains information about 1 security vulnerability.

1) NULL pointer dereference (CVE-ID: CVE-2022-50866)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the filter() function in sound/soc/pxa/mmp-pcm.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/0abd1d78317a3a2dfe00b203fbf14ee7df537e0a
• https://git.kernel.org/stable/c/21a1409e8cf73053b54f7860548e3043dfa351a9
• https://git.kernel.org/stable/c/21b92cf41952577a95bfa430e39478cbd66e42a7
• https://git.kernel.org/stable/c/3ec75e0ea9550b8f2e531172f2e67ba9d5227ec3
• https://git.kernel.org/stable/c/5b510a82740d2a42a75b5661b402bcaf8ae22cd5
• https://git.kernel.org/stable/c/83baa509396a742e0ce145b09fde1ce0a948f49a
• https://git.kernel.org/stable/c/9fb9b3b67a5b8669296d6372cd901ef86557e6f6
• https://git.kernel.org/stable/c/a8baccb79de2f48a2083d51febf627eb50ce1898
• https://git.kernel.org/stable/c/ec7bf231aaa1bdbcb69d23bc50c753c80fb22429
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.303
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.270
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.337
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.163
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.86
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.229
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.16
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.2
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2