CVE-2023-52904

Summary

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()

The subs function argument may be NULL, so do not use it before the NULL check.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbfd36b1d1869859af7ba94dc95ec05e74f40d0b7 < f57204edc10760c935d8d36ea999dc8acf018030affected
LinuxLinuxe1e0a181aea375edfae2f9a59070f95d904980d1 < a474d4ad59cd4642d1b7e3a6c08cef9eca0992c8affected
LinuxLinux291e9da91403e0e628d7692b5ed505100e7b7706 < 92a9c0ad86d47ff4cce899012e355c400f02cfb8affected
LinuxLinux5.15.152 < 5.15.168affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References