Login Sign Up

CVE-2022-49292

7.8 HIGH
Denial of Service

📋 TL;DR

This CVE describes an integer overflow vulnerability in the Linux kernel's ALSA OSS PCM layer that can cause kernel memory allocation failures. Attackers could trigger a denial-of-service (system crash) by manipulating audio parameters to allocate excessively large buffers. Systems running vulnerable Linux kernel versions with OSS audio emulation enabled are affected.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions with vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires CONFIG_SND_PCM_OSS=y and OSS audio emulation usage. Many modern systems use ALSA directly rather than OSS.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic or system crash due to failed memory allocation, leading to complete denial-of-service.

🟠

Likely Case

System instability or crash when processing malformed audio parameters through OSS interface.

🟢

If Mitigated

Minimal impact if OSS audio emulation is disabled or systems are patched.

🌐 Internet-Facing: LOW - Requires local access or ability to influence audio parameters through applications.
🏢 Internal Only: MEDIUM - Local users or applications with audio access could trigger the vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires ability to influence PCM audio parameters through applications using OSS interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Linux kernel versions containing commits: 0c4190b41a69990666b4000999e27f8f1b2a426b, 5ce74ff7059341d8b2f4d01c3383491df63d1898, 7a40cbf3579a8e14849ba7ce46309c1992658d2b, a63af1baf0a5e11827db60e3127f87e437cab6e5, e74a069c6a7bb505f3ade141dddf85f4b0b5145a

Vendor Advisory: https://git.kernel.org/stable/c/0c4190b41a69990666b4000999e27f8f1b2a426b

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable OSS audio emulation

Linux

Disable CONFIG_SND_PCM_OSS kernel module to remove vulnerable code path

echo 'blacklist snd-pcm-oss' >> /etc/modprobe.d/blacklist.conf
rmmod snd-pcm-oss

🧯 If You Can't Patch

  • Disable OSS audio emulation via kernel module blacklisting
  • Restrict audio device access to trusted users only

🔍 How to Verify

Check if Vulnerable:

Check if OSS PCM module is loaded: lsmod | grep snd-pcm-oss

Check Version:

uname -r

Verify Fix Applied:

Check kernel version contains fix commits or is newer than vulnerable versions

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • WARN_ON() messages related to vmalloc allocation
  • System crash/reboot logs

Network Indicators:

  • None - local vulnerability

SIEM Query:

Search for kernel panic events or system crash reports

📊 Metadata

CVE ID: CVE-2022-49292
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787
EPSS Score: 0.03% exploit probability (7.8th percentile)
Published: February 26, 2025
Last Updated: September 22, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-49292, you might also want to check these:

CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2019-5049 10.0

This vulnerability allows an attacker to execute arbitrary code on systems with vulnerable AMD graph...

Same vulnerability type (CWE-787)
CVE-2025-24201 10.0

This critical vulnerability allows malicious web content to break out of the Web Content sandbox via...

Same vulnerability type (CWE-787)