CVE-2022-48701

Advisory lineage Upstream: 0 Downstream: 22

Downstream

DEBIAN-CVE-2022-48701 RHSA-2023:2458 RHSA-2023:2951 RHSA-2025:17109 RHSA-2025:17161 RHSA-2025:21084

Analyzed

Published: 03 May 2024, 15:12

Last modified:11 May 2026, 18:45

Vulnerability Summary

Overall Risk (default)

medium

28/100

CVSS Score

7.1 HIGH

v3.1 (nvd)

EPSS Score

<0.01% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

03 May 2024, 15:12

Published

Vulnerability first disclosed

11 May 2026, 18:45

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() There may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and the number of it's interfaces less than 4, an out-of-bounds read bug occurs when parsing the interface descriptor for this device. Fix this by checking the number of interfaces.

CVSS Metrics

v3.1•HIGH•Score: 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 1%

Techniques & Countermeasures

CWE-125•Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

Affected Systems

linux•linux
≥ b9d43bcd061956c8144bcb453d07d13236b6ab28, < b970518014f2f0f6c493fb86c1e092b936899061 | ≥ b9d43bcd061956c8144bcb453d07d13236b6ab28, < 91904870370fd986c29719846ed76d559de43251 | ≥ b9d43bcd061956c8144bcb453d07d13236b6ab28, < 2a308e415d247a23d4d64c964c02e782eede2936 | ≥ b9d43bcd061956c8144bcb453d07d13236b6ab28, < 0492798bf8dfcc09c9337a1ba065da1d1ca68712 | ≥ b9d43bcd061956c8144bcb453d07d13236b6ab28, < 6123bec8480d23369e2ee0b2208611619f269faf | ≥ b9d43bcd061956c8144bcb453d07d13236b6ab28, < 98e8e67395cc6d0cdf3a771f86ea42d0ee6e59dd | ≥ b9d43bcd061956c8144bcb453d07d13236b6ab28, < 8293e61bbf908b18ff9935238d4fc2ad359e3fe0 | ≥ b9d43bcd061956c8144bcb453d07d13236b6ab28, < e53f47f6c1a56d2af728909f1cb894da6b43d9bf | 2.6.26
linux•linux_kernel
< 4.9.328 | ≥ 4.10, < 4.14.293 | ≥ 4.15, < 4.19.258 | ≥ 4.20, < 5.4.213 | ≥ 5.5, < 5.10.143 | ≥ 5.11, < 5.15.68 | ≥ 5.16, < 5.19.9 | 6.0:rc1 | 6.0:rc2 | 6.0:rc3 | 6.0:rc4