VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 24, 2025· Updated Apr 15, 2026

CVE-2022-50719

CVE-2022-50719

Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: line6: fix stack overflow in line6_midi_transmit

Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PODxt device.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Stack buffer overflow in Linux kernel's ALSA line6 driver when handling multiple MIDI sysex messages, fixed by correcting available space calculation.

Vulnerability

A stack buffer overflow vulnerability exists in the line6_midi_transmit function of the Linux kernel's ALSA line6 driver. The root cause is an incorrect calculation of available buffer space that fails to account for the size of the chunk buffer. This leads to a buffer overflow when multiple MIDI System Exclusive (sysex) messages are sent to a PODxt device.

Exploitation

An attacker with local access to a system using the line6 driver can send crafted MIDI sysex messages to a connected PODxt device. No authentication is required beyond the ability to interact with the device via MIDI. The overflow occurs on the stack, enabling memory corruption.

Impact

Successful exploitation can corrupt stack memory, potentially causing denial of service or arbitrary code execution in kernel context. This could lead to system instability or privilege escalation.

Mitigation

The fix has been applied to the Linux kernel stable tree [1][2][3]. Users should update to a patched kernel version.

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!
  3. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

9
66f359ad66d4
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
0c9118e381ff
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
61e4be4a60cc
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
389d34c2a8b5
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
b8800d324abb
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
b026af92b2ce
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
49cb7737e733
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
0c76087449ee
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
25e8c6ecb468
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

9

News mentions

0

No linked articles in our index yet.