CVE-2024-46863

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item

There is no links_num in struct snd_soc_acpi_mach {}, and we test !link->num_adr as a condition to end the loop in hda_sdw_machine_select(). So an empty item in struct snd_soc_acpi_link_adr array is required.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxdd3bd9dc47084195fcb3c1b371cb03046abb13ab < 8eb57389d8ad91c67bf844f5aae4caef74b9091baffected
LinuxLinuxdd3bd9dc47084195fcb3c1b371cb03046abb13ab < c4246f1fe9f24f8dcd97887ed67d8fcfd91f4796affected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.10.11 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References