CVE-2022-50229 – ALSA bcd2000 Use-After-Free Vulnerability

June 18, 2025

CVE ID : CVE-2022-50229

Published : June 18, 2025, 11:15 a.m. | 3 hours, 16 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

ALSA: bcd2000: Fix a UAF bug on the error path of probing

When the driver fails in snd_card_register() at probe time, it will free
the ‘bcd2k->midi_out_urb’ before killing it, which may cause a UAF bug.

The following log can reveal it:

[ 50.727020] BUG: KASAN: use-after-free in bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]
[ 50.727623] Read of size 8 at addr ffff88810fab0e88 by task swapper/4/0
[ 50.729530] Call Trace:
[ 50.732899] bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]

Fix this by adding usb_kill_urb() before usb_free_urb().

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2022-50221 – Linux Kernel DRM/FB-Helper Out-of-Bounds Access Vulnerability

Next Article CVE-2022-50228 – QEMU KVM SVM Invalid Interrupt Injection Vulnerability

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

5 ways business leaders can transform workplace culture – and it starts by listening

My 4 favorite image editing apps on Linux – and two are free Photoshop alternatives

How Google’s Genie 3 could change AI video – and let you build your own interactive worlds

How you’re charging your tablet is slowly killing it – 3 methods to avoid (and the right way)

Establishing Consistent Data Foundations with Laravel’s Database Population System

Establishing Consistent Data Foundations with Laravel’s Database Population System

Generate Postman Collections from Laravel Routes

This Week in Laravel: Free Laravel Idea, Laracon News, and More

Lenovo Legion Go 2 vs Legion Go — How Do These Gaming Handhelds Compare Based on Rumored Specs?

Lenovo Legion Go 2 vs Legion Go — How Do These Gaming Handhelds Compare Based on Rumored Specs?

9 Default Settings in Windows 11 You Didn’t Know Could Affect Performance and Privacy

DICE Responds to Battlefield 6 Community: Key Updates on Map Flow and Class Mechanics

CVE-2022-50229 – ALSA bcd2000 Use-After-Free Vulnerability

Black Hat USA 2025: Does successful cybersecurity today increase cyber-risk tomorrow?

Black Hat USA 2025: Policy compliance and the myth of the silver bullet

CVE-2022-44759 – HCL Leap SVG Injection Vulnerability

CVE-2024-7073 – WSO2 SOAP SSRF Attack Vector

Elevating API Automation: Exploring Karate as an Alternative to Rest-Assured

Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique

L’adozione di RISC-V nelle distribuzioni Enterprise Linux

8 Best Free and Open Source Linux Personal Information Managers

TEKEVER to invest £400M in UK defencetech, creating 1,000+ skilled jobs

The 5 Linux AppImages I depend on daily – and how to add them to your desktop menu

CVE-2022-50229 – ALSA bcd2000 Use-After-Free Vulnerability

Related Posts