CVE-2024-46862

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: Intel: soc-acpi-intel-mtl-match: add missing empty item

There is no links_num in struct snd_soc_acpi_mach {}, and we test !link->num_adr as a condition to end the loop in hda_sdw_machine_select(). So an empty item in struct snd_soc_acpi_link_adr array is required.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf77ae7fcdc47630eb7653983f3c57ac44103aebc < 01281a9e8275946aa725db0919769b8d35af3a11affected
LinuxLinuxf77ae7fcdc47630eb7653983f3c57ac44103aebc < bf6d7a44a144aa9c476dee83c23faf3151181babaffected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.10.11 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References