Cyber Resilience

CVE-2022-49252

High

Published: 26 February 2025

Published
26 February 2025
Modified
22 September 2025
KEV Added
Patch
CVSS Score v3.1 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS Score 0.0015 35.1th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-49252 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Linux Linux Kernel. Its CVSS base score is 7.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Credential Access (T1212); ranked at the 35.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2022-49252 is a vulnerability in the Linux kernel's ASoC (ALSA System on Chip) rx-macro codec driver, where accessing enums using integers leads to out-of-bounds array access. This issue arises on platforms like aarch64, where the size of a long (8 bytes) exceeds the enum size (4 bytes), potentially causing memory corruption. The vulnerability is classified under CWE-125 (Out-of-bounds Read) with a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H).

A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation enables high-impact confidentiality violations, such as reading sensitive kernel memory, and high-impact availability disruptions, like denial of service through crashes or memory corruption, without affecting integrity or changing scope.

Mitigation involves applying the relevant stable kernel patches, as detailed in the upstream commit references: 7e3629e256d1cabf801d00050550ade4d036cafe, aed43e92e4b9187029903880d5db608f7fa1c53c, bcfe5f76cc4051ea3f9eb5d2c8ea621641f290a5, and eb15c6ea692fd88d70698d874d9a0d667fb4cde9. Security practitioners should update affected Linux kernel versions to incorporate these fixes.

EU & UK References

Vulnerability details

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeof(long)…

more

is 8 compared to enum size which is 4 bytes.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1212 Exploitation for Credential Access Credential Access
Adversaries may exploit software vulnerabilities in an attempt to collect credentials.
T1499.004 Application or System Exploitation Impact
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Kernel OOB read enables local credential/memory disclosure (T1212) and system DoS via corruption/crash (T1499.004); no integrity impact limits escalation mappings.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2022-49368Same product: Linux Linux Kernel
CVE-2025-21743Same product: Linux Linux Kernel
CVE-2022-49738Same product: Linux Linux Kernel
CVE-2026-31774Same product: Linux Linux Kernel
CVE-2026-23325Same product: Linux Linux Kernel
CVE-2025-21815Same product: Linux Linux Kernel
CVE-2026-31779Same product: Linux Linux Kernel
CVE-2026-43051Same product: Linux Linux Kernel
CVE-2026-23269Same product: Linux Linux Kernel
CVE-2022-49249Same product: Linux Linux Kernel

Affected Assets

linux
linux kernel
5.12 — 5.15.33 · 5.16 — 5.16.19 · 5.17 — 5.17.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly requires timely identification, reporting, and patching of kernel flaws like the out-of-bounds array access in the ASoC rx-macro driver.

detect

Mandates vulnerability scanning and monitoring to identify known issues like CVE-2022-49252 in Linux kernel versions.

prevent

Enforces kernel memory protections that mitigate exploitation of out-of-bounds reads leading to information disclosure or corruption.

References