CVE-2023-52697

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL

sof_sdw_rt_sdca_jack_exit() are used by different codecs, and some of them use the same dai name. For example, rt712 and rt713 both use "rt712-sdca-aif1" and sof_sdw_rt_sdca_jack_exit(). As a result, sof_sdw_rt_sdca_jack_exit() will be called twice by mc_dailink_exit_loop(). Set ctx->headset_codec_dev = NULL; after put_device(ctx->headset_codec_dev); to avoid ctx->headset_codec_dev being put twice.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5360c67046385f90406ec17e367ba9aeb42d5459 < a410d58117d6da4b7d41f3c91365f191d006bc3daffected
LinuxLinux5360c67046385f90406ec17e367ba9aeb42d5459 < 582231a8c4f73ac153493687ecc1bed853e9c9efaffected
LinuxLinux5360c67046385f90406ec17e367ba9aeb42d5459 < e38e252dbceeef7d2f848017132efd68e9ae1416affected
LinuxLinux6.5affected
LinuxLinux0 < 6.5unaffected
LinuxLinux6.6.14 <= 6.6.*unaffected
LinuxLinux6.7.2 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References