GHSA-X2W3-4GRF-5R9F

Vulnerability from github – Published: 2025-05-01 15:31 – Updated: 2025-11-07 18:30
VLAI?
Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()

snd_usbmidi_output_open() has a check of the NULL port with snd_BUG_ON(). snd_BUG_ON() was used as this shouldn't have happened, but in reality, the NULL port may be seen when the device gives an invalid endpoint setup at the descriptor, hence the driver skips the allocation. That is, the check itself is valid and snd_BUG_ON() should be dropped from there. Otherwise it's confusing as if it were a real bug, as recently syzbot stumbled on it.

Severity ?
5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Show details on source website
To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2022-49772"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-01T15:16:00Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()\n\nsnd_usbmidi_output_open() has a check of the NULL port with\nsnd_BUG_ON().  snd_BUG_ON() was used as this shouldn\u0027t have happened,\nbut in reality, the NULL port may be seen when the device gives an\ninvalid endpoint setup at the descriptor, hence the driver skips the\nallocation.  That is, the check itself is valid and snd_BUG_ON()\nshould be dropped from there.  Otherwise it\u0027s confusing as if it were\na real bug, as recently syzbot stumbled on it.",
  "id": "GHSA-x2w3-4grf-5r9f",
  "modified": "2025-11-07T18:30:25Z",
  "published": "2025-05-01T15:31:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49772"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/00f5f1bbf815a39e9eecb468d12ca55d3360eb10"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/02b94885b2fdf1808b1874e009bfb90753f8f4db"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/368a01e5064c13946d032ab1d65ba95020a39cc5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/872c9314769e89d8bda74ff3ac584756a45ee752"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a80369c8ca50bc885d14386087a834659ec54a54"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ad72c3c3f6eb81d2cb189ec71e888316adada5df"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c43991065f36f7628cd124e037b8750c4617a7a7"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e7dc436aea80308a9268e6d2d85f910ff107de9b"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.