CVE-2021-46926

Summary

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda: intel-sdw-acpi: harden detection of controller

The existing code currently sets a pointer to an ACPI handle before checking that it's actually a SoundWire controller. This can lead to issues where the graph walk continues and eventually fails, but the pointer was set already.

This patch changes the logic so that the information provided to the caller is set when a controller is found.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6f11586f4896ee448262747788a0a3faf0fe9066 < cce476954401e3421afafb25bbaa926050688b1daffected
LinuxLinux6f11586f4896ee448262747788a0a3faf0fe9066 < 385f287f9853da402d94278e59f594501c1d1dadaffected
LinuxLinux5.3affected
LinuxLinux0 < 5.3unaffected
LinuxLinux5.15.13 <= 5.15.*unaffected
LinuxLinux5.16 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References