CVE-2021-47502
ASoC: codecs: wcd934x: handle channel mappping list correctly
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
ASoC: codecs: wcd934x: handle channel mappping list correctly
Currently each channel is added as list to dai channel list, however
there is danger of adding same channel to multiple dai channel list
which endups corrupting the other list where its already added.
This patch ensures that the channel is actually free before adding to
the dai channel list and also ensures that the channel is on the list
before deleting it.
This check was missing previously, and we did not hit this issue as
we were testing very simple usecases with sequence of amixer commands.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: códecs: wcd934x: maneja correctamente la lista de asignación de canales Actualmente, cada canal se agrega como lista a la lista de canales dai, sin embargo, existe el peligro de agregar el mismo canal a varias listas de canales dai, lo que termina corrompiendo la otra lista donde ya está agregada. Este parche garantiza que el canal esté realmente libre antes de agregarlo a la lista de canales dai y también garantiza que el canal esté en la lista antes de eliminarlo. Esta verificación faltaba anteriormente y no encontramos este problema ya que estábamos probando casos de uso muy simples con una secuencia de comandos de amixer.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-22 CVE Reserved
- 2024-05-24 CVE Published
- 2024-05-25 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/a70d9245759a48e57bb1dc9f63213dcf3017db32 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.6 < 5.10.85 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.10.85" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.6 < 5.15.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.15.8" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.6 < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.6 < 5.16" | en |
Affected
|