CVE-2024-27436

ALSA: usb-audio: Stop parsing channels bits when all channels are found.

Severity Score

5.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels
it could write outside of the map array.

En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ALSA: usb-audio: deja de analizar bits de canales cuando se encuentran todos los canales. Si un dispositivo de audio USB establece más bits que la cantidad de canales, podría escribir fuera de la matriz del mapa.

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-25 CVE Reserved
2024-05-17 CVE Published
2024-12-19 CVE Updated
2025-03-18 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-787: Out-of-bounds Write

CAPEC

References (14)

URL	Tag	Source
https://git.kernel.org/stable/c/04324ccc75f96b3ed7aad1c866d1b7925e977bdf	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/7e2c1b0f6dd9abde9e60f0f9730026714468770f	2024-03-26
https://git.kernel.org/stable/c/6d5dc96b154be371df0d62ecb07efe400701ed8a	2024-03-26
https://git.kernel.org/stable/c/5cd466673b34bac369334f66cbe14bb77b7d7827	2024-03-26
https://git.kernel.org/stable/c/9af1658ba293458ca6a13f70637b9654fa4be064	2024-03-26
https://git.kernel.org/stable/c/629af0d5fe94a35f498ba2c3f19bd78bfa591be6	2024-03-26
https://git.kernel.org/stable/c/22cad1b841a63635a38273b799b4791f202ade72	2024-03-26
https://git.kernel.org/stable/c/c8a24fd281dcdf3c926413dafbafcf35cde517a9	2024-03-26
https://git.kernel.org/stable/c/6d88b289fb0a8d055cb79d1c46a56aba7809d96d	2024-03-26
https://git.kernel.org/stable/c/a39d51ff1f52cd0b6fe7d379ac93bd8b4237d1b7	2024-03-13

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2024-27436	2024-11-12
https://bugzilla.redhat.com/show_bug.cgi?id=2281141	2024-11-12

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.8 < 4.19.311 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.8 < 4.19.311"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.8 < 5.4.273 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.8 < 5.4.273"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.8 < 5.10.214 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.8 < 5.10.214"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.8 < 5.15.153 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.8 < 5.15.153"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.8 < 6.1.83 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.8 < 6.1.83"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.8 < 6.6.23 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.8 < 6.6.23"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.8 < 6.7.11 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.8 < 6.7.11"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.8 < 6.8.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.8 < 6.8.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.8 < 6.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.8 < 6.9"		en		Affected