CVE-2023-54233

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: SOF: avoid a NULL dereference with unsupported widgets

If an IPC4 topology contains an unsupported widget, its .module_info field won't be set, then sof_ipc4_route_setup() will cause a kernel Oops trying to dereference it. Add a check for such cases.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3acd527089463742a3dd95e274d53c2fdd834716 < 170818974e9732506195c6302743856cc8bdfd6faffected
LinuxLinux3acd527089463742a3dd95e274d53c2fdd834716 < e3720f92e0237921da537e47a0b24e27899203f8affected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux6.2.11 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References