CVE-2022-50719 - Vulnerability Details

- ALSA: line6: fix stack overflow in line6_midi_transmit

Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: line6: fix stack overflow in line6_midi_transmit

Correctly calculate available space including the size of the chunk
buffer. This fixes a buffer overflow when multiple MIDI sysex
messages are sent to a PODxt device.

Published: 2025-12-24

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`f2459201c72e8f8553644505eed19954d4c3a023`	affected	< b026af92b2cea907c780f7168c730c816cd33311
`f2459201c72e8f8553644505eed19954d4c3a023`	affected	< 49cb7737e733013ec86aa77ed2e19b94a68eaa05
`f2459201c72e8f8553644505eed19954d4c3a023`	affected	< 0c76087449ee4ed45a88b10017d02c6694caedb1
`f2459201c72e8f8553644505eed19954d4c3a023`	affected	< 25e8c6ecb46843a955f254b8f0d77894e4a53dc4
`f2459201c72e8f8553644505eed19954d4c3a023`	affected	< 66f359ad66d49f75d39ac729f9114dabf90b81bb
`f2459201c72e8f8553644505eed19954d4c3a023`	affected	< 0c9118e381ff538874e00fd4e66a768273c150fb
`f2459201c72e8f8553644505eed19954d4c3a023`	affected	< 61e4be4a60cc6de723f8c574ddbcb3025eb44cac
`f2459201c72e8f8553644505eed19954d4c3a023`	affected	< 389d34c2a8b52acc351fd932ed4bea41fee5a39b
`f2459201c72e8f8553644505eed19954d4c3a023`	affected	< b8800d324abb50160560c636bfafe2c81001b66c

Linux

affected

Version	Status	Constraints
`3.15`	affected	—
`0`	unaffected	< 3.15
`4.9.337`	unaffected	≤ 4.9.*
`4.14.303`	unaffected	≤ 4.14.*
`4.19.270`	unaffected	≤ 4.19.*
`5.4.229`	unaffected	≤ 5.4.*
`5.10.163`	unaffected	≤ 5.10.*
`5.15.87`	unaffected	≤ 5.15.*
`6.0.17`	unaffected	≤ 6.0.*
`6.1.3`	unaffected	≤ 6.1.*
`6.2`	unaffected	≤ *

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0015.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/0c76087449ee4ed45a88b10017d02c6694caedb1
https://git.kernel.org/stable/c/0c9118e381ff538874e00fd4e66a768273c150fb
https://git.kernel.org/stable/c/25e8c6ecb46843a955f254b8f0d77894e4a53dc4
https://git.kernel.org/stable/c/389d34c2a8b52acc351fd932ed4bea41fee5a39b
https://git.kernel.org/stable/c/49cb7737e733013ec86aa77ed2e19b94a68eaa05
https://git.kernel.org/stable/c/61e4be4a60cc6de723f8c574ddbcb3025eb44cac
https://git.kernel.org/stable/c/66f359ad66d49f75d39ac729f9114dabf90b81bb
https://git.kernel.org/stable/c/b026af92b2cea907c780f7168c730c816cd33311
https://git.kernel.org/stable/c/b8800d324abb50160560c636bfafe2c81001b66c
https://lore.kernel.org/linux-cve-announce/2025122416-CVE-2022-50719-02d8@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-50719
https://www.cve.org/CVERecord?id=CVE-2022-50719

History

Thu, 25 Dec 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025122416-CVE-2022-50719-02d8@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-50719 https://www.cve.org/CVERecord?id=CVE-2022-50719
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Wed, 24 Dec 2025 12:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6_midi_transmit Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PODxt device.
Title		ALSA: line6: fix stack overflow in line6_midi_transmit
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/0c76087449ee4ed45a88b10017d02c6694caedb1 https://git.kernel.org/stable/c/0c9118e381ff538874e00fd4e66a768273c150fb https://git.kernel.org/stable/c/25e8c6ecb46843a955f254b8f0d77894e4a53dc4 https://git.kernel.org/stable/c/389d34c2a8b52acc351fd932ed4bea41fee5a39b https://git.kernel.org/stable/c/49cb7737e733013ec86aa77ed2e19b94a68eaa05 https://git.kernel.org/stable/c/61e4be4a60cc6de723f8c574ddbcb3025eb44cac https://git.kernel.org/stable/c/66f359ad66d49f75d39ac729f9114dabf90b81bb https://git.kernel.org/stable/c/b026af92b2cea907c780f7168c730c816cd33311 https://git.kernel.org/stable/c/b8800d324abb50160560c636bfafe2c81001b66c

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T12:22:42.697Z

Updated: 2026-05-11T19:24:11.736Z

Reserved: 2025-12-24T12:20:40.329Z

Link: CVE-2022-50719

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2025-12-24T13:15:58.560

Modified: 2026-04-15T00:35:42.020

Link: CVE-2022-50719

Redhat

Severity : Low

Publid Date: 2025-12-24T00:00:00Z

Links: CVE-2022-50719 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object