{"id":"CVE-2022-50115","summary":"ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes\n\nWe have sanity checks for byte controls and if any of the fail the locally\nallocated scontrol-\u003eipc_control_data is freed up, but not set to NULL.\n\nOn a rollback path of the error the higher level code will also try to free\nthe scontrol-\u003eipc_control_data which will eventually going to lead to\nmemory corruption as double freeing memory is not a good thing.","modified":"2026-04-03T13:14:31.517227828Z","published":"2025-06-18T11:02:46.759Z","related":["SUSE-SU-2025:02264-1","SUSE-SU-2025:02321-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50115.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/8463986b54295e6b65ddf2b7c65627d01ce7643b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c2eddfcafcffaf1b9245ea0dde9143bbfb47d5d1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d5bd47f3ca124058a8e87eae4508afeda2132611"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/50xxx/CVE-2022-50115.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50115"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b5cee8feb1d482a9d07b677f4f2f9565bacda53e"},{"fixed":"8463986b54295e6b65ddf2b7c65627d01ce7643b"},{"fixed":"c2eddfcafcffaf1b9245ea0dde9143bbfb47d5d1"},{"fixed":"d5bd47f3ca124058a8e87eae4508afeda2132611"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-50115.json"}}],"schema_version":"1.7.5"}