Use-After-Free Vulnerability in Linux Kernel ASoC Core Component
CVE-2022-49842

7.8HIGH

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
1 May 2025

What is CVE-2022-49842?

A use-after-free vulnerability was identified in the Linux kernel's ASoC core component. This issue arises during the initialization and exit processes of the sound system, specifically when the 'snd_soc_util_init()' function fails and the error is neglected. The failure leads to the 'soc_dummy_dev' being unregistered multiple times, triggering a use-after-free condition. This vulnerability may affect system stability and could be exploited in a way that compromises the integrity of kernel memory, resulting in unpredictable behavior or system crashes. The resolution involved proper error handling during initialization to prevent such occurrences.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux fb257897bf20c5f0e1df584bb5b874e811651263 < 41fad4f712e081acdfde8b59847f9f66eaf407a0

Linux fb257897bf20c5f0e1df584bb5b874e811651263 < 90bbdf30a51e42378cb23a312005a022794b8e1e

Linux fb257897bf20c5f0e1df584bb5b874e811651263

References

https://git.kernel.org/stable/c/41fad4f712e081acdfde8b598...
https://git.kernel.org/stable/c/90bbdf30a51e42378cb23a312...
https://git.kernel.org/stable/c/a3365e62239dc064019a244bd...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.