CVE-2024-50011

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item

There is no links_num in struct snd_soc_acpi_mach {}, and we test !link->num_adr as a condition to end the loop in hda_sdw_machine_select(). So an empty item in struct snd_soc_acpi_link_adr array is required.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux65ab45b90656e9b7ed51bce27ab7d83618167e76 < aa3109ee91fe09e696274e6ac44813df8d13678faffected
LinuxLinux65ab45b90656e9b7ed51bce27ab7d83618167e76 < 5afc29ba44fdd1bcbad4e07246c395d946301580affected
LinuxLinux6.11affected
LinuxLinux0 < 6.11unaffected
LinuxLinux6.11.3 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References