CVE-2023-52988
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
snd_hda_get_connections() can return a negative error code. It may lead to accessing 'conn' array at a negative index.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 30b4503378c976cf66201a1e81820519f6bd79ac < 437e50ef6290ac835d526d0e45f466a0aa69ba1b | affected |
| Linux | Linux | 30b4503378c976cf66201a1e81820519f6bd79ac < 6e1f586ddec48d71016b81acf68ba9f49ca54db8 | affected |
| Linux | Linux | 30b4503378c976cf66201a1e81820519f6bd79ac < d6870f3800dbb212ae8433183ee82f566d067c6c | affected |
| Linux | Linux | 30b4503378c976cf66201a1e81820519f6bd79ac < 2b557fa635e7487f638c0f030c305870839eeda2 | affected |
| Linux | Linux | 30b4503378c976cf66201a1e81820519f6bd79ac < 1b9256c96220bcdba287eeeb90e7c910c77f8c46 | affected |
| Linux | Linux | 30b4503378c976cf66201a1e81820519f6bd79ac < f011360ad234a07cb6fbcc720fff646a93a9f0d6 | affected |
| Linux | Linux | 30b4503378c976cf66201a1e81820519f6bd79ac < b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa | affected |
| Linux | Linux | 3.1 | affected |
| Linux | Linux | 0 < 3.1 | unaffected |
| Linux | Linux | 4.14.306 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.273 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.232 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.168 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.93 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.11 <= 6.1.* | unaffected |
| Linux | Linux | 6.2 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://git.kernel.org/stable/c/437e50ef6290ac835d526d0e45f466a0aa69ba1b
- https://git.kernel.org/stable/c/6e1f586ddec48d71016b81acf68ba9f49ca54db8
- https://git.kernel.org/stable/c/d6870f3800dbb212ae8433183ee82f566d067c6c
- https://git.kernel.org/stable/c/2b557fa635e7487f638c0f030c305870839eeda2
- https://git.kernel.org/stable/c/1b9256c96220bcdba287eeeb90e7c910c77f8c46
- https://git.kernel.org/stable/c/f011360ad234a07cb6fbcc720fff646a93a9f0d6
- https://git.kernel.org/stable/c/b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.