CVE-2024-39473
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension
If a process module does not have base config extension then the same format applies to all of it's inputs and the process->base_config_ext is NULL, causing NULL dereference when specifically crafted topology and sequences used.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 648fea12847695d60ddeebea86597114885ee76e < e3ae00ee238bce6cfa5ad935c921181c14d18fd6 | affected |
| Linux | Linux | 648fea12847695d60ddeebea86597114885ee76e < 9e16f17a2a0e97b43538b272e7071537a3e03368 | affected |
| Linux | Linux | 648fea12847695d60ddeebea86597114885ee76e < ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8 | affected |
| Linux | Linux | 6.4 | affected |
| Linux | Linux | 0 < 6.4 | unaffected |
| Linux | Linux | 6.6.34 <= 6.6.* | unaffected |
| Linux | Linux | 6.9.5 <= 6.9.* | unaffected |
| Linux | Linux | 6.10 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6
- https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368
- https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8
References
- https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6
- https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368
- https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.