CVE-2023-52674
ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put()
Severity Score
Exploit Likelihood
Affected Versions
5Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and
SCARLETT2_MIXER_MAX_VALUE so we don't attempt to access outside
scarlett2_mixer_values[].
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: scarlett2: Add clamp() en scarlett2_mixer_ctl_put() Asegúrese de que el valor pasado a scarlett2_mixer_ctl_put() esté entre 0 y SCARLETT2_MIXER_MAX_VALUE para que no intentemos acceder fuera de scarlett2_mixer_values[].
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and SCARLETT2_MIXER_MAX_VALUE so we don't attempt to access outside scarlett2_mixer_values[].
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-03-07 CVE Reserved
- 2024-05-17 CVE Published
- 2024-12-19 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (8)
| URL | Date | SRC |
|---|