In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer. CREATE(Triage):(User=admin) CVE-2022-48363 (https://nvd.nist.gov/vuln/detail/CVE-2022-48363)
