CVE-2022-49252
Published: 26 February 2025
Summary
CVE-2022-49252 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Linux Linux Kernel. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Credential Access (T1212); ranked at the 35.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2022-49252 is a vulnerability in the Linux kernel's ASoC (ALSA System on Chip) rx-macro codec driver, where accessing enums using integers leads to out-of-bounds array access. This issue arises on platforms like aarch64, where the size of a long (8 bytes) exceeds the enum size (4 bytes), potentially causing memory corruption. The vulnerability is classified under CWE-125 (Out-of-bounds Read) with a CVSS v3.1 base score of 7.1 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H).
A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation enables high-impact confidentiality violations, such as reading sensitive kernel memory, and high-impact availability disruptions, like denial of service through crashes or memory corruption, without affecting integrity or changing scope.
Mitigation involves applying the relevant stable kernel patches, as detailed in the upstream commit references: 7e3629e256d1cabf801d00050550ade4d036cafe, aed43e92e4b9187029903880d5db608f7fa1c53c, bcfe5f76cc4051ea3f9eb5d2c8ea621641f290a5, and eb15c6ea692fd88d70698d874d9a0d667fb4cde9. Security practitioners should update affected Linux kernel versions to incorporate these fixes.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-54974
Vulnerability details
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds access on platforms like aarch64 where sizeof(long)…
more
is 8 compared to enum size which is 4 bytes.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Kernel OOB read enables local credential/memory disclosure (T1212) and system DoS via corruption/crash (T1499.004); no integrity impact limits escalation mappings.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires timely identification, reporting, and patching of kernel flaws like the out-of-bounds array access in the ASoC rx-macro driver.
Mandates vulnerability scanning and monitoring to identify known issues like CVE-2022-49252 in Linux kernel versions.
Enforces kernel memory protections that mitigate exploitation of out-of-bounds reads leading to information disclosure or corruption.