CVE-2023-52806
ALSA: hda: Fix possible null-ptr-deref when assigning a stream
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
ALSA: hda: Fix possible null-ptr-deref when assigning a stream
While AudioDSP drivers assign streams exclusively of HOST or LINK type,
nothing blocks a user to attempt to assign a COUPLED stream. As
supplied substream instance may be a stub, what is the case when
code-loading, such scenario ends with null-ptr-deref.
En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ALSA: hda: Corrige posible null-ptr-deref al asignar un flujo. Si bien los controladores AudioDSP asignan flujos exclusivamente de tipo HOST o LINK, nada impide que un usuario intente asignar un flujo ACOPLADO. Como la instancia de subsecuencia proporcionada puede ser un código auxiliar, cuál es el caso cuando se carga el código, dicho escenario termina con null-ptr-deref.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-21 CVE Reserved
- 2024-05-21 CVE Published
- 2024-05-24 EPSS Updated
- 2024-09-11 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (9)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 4.14.331 Search vendor "Linux" for product "Linux Kernel" and version " < 4.14.331" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 4.19.300 Search vendor "Linux" for product "Linux Kernel" and version " < 4.19.300" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 5.4.262 Search vendor "Linux" for product "Linux Kernel" and version " < 5.4.262" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 5.10.202 Search vendor "Linux" for product "Linux Kernel" and version " < 5.10.202" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 5.15.140 Search vendor "Linux" for product "Linux Kernel" and version " < 5.15.140" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.1.64 Search vendor "Linux" for product "Linux Kernel" and version " < 6.1.64" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.5.13 Search vendor "Linux" for product "Linux Kernel" and version " < 6.5.13" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.6.3 Search vendor "Linux" for product "Linux Kernel" and version " < 6.6.3" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 6.7 Search vendor "Linux" for product "Linux Kernel" and version " < 6.7" | en |
Affected
| ||||||