CVE-2022-48917 in Linux
Summary
by MITRE • 08/22/2024
In the Linux kernel, the following vulnerability has been resolved:
ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
While the $val/$val2 values passed in from userspace are always >= 0 integers, the limits of the control can be signed integers and the $min can be non-zero and less than zero. To correctly validate $val/$val2 against platform_max, add the $min offset to val first.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.