CVE-2025-40344

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: Intel: avs: Disable periods-elapsed work when closing PCM

avs_dai_fe_shutdown() handles the shutdown procedure for HOST HDAudio stream while period-elapsed work services its IRQs. As the former frees the DAI's private context, these two operations shall be synchronized to avoid slab-use-after-free or worse errors.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0dbb186c3510cad4e9f443e801bf2e6ab5770c00 < ca6d2b7aca778afbf8c0c4b330d10cb228c14052affected
LinuxLinux0dbb186c3510cad4e9f443e801bf2e6ab5770c00 < b41fca4aa60be896ba8a81b57aac5dcc6eee66c0affected
LinuxLinux0dbb186c3510cad4e9f443e801bf2e6ab5770c00 < 845f716dc5f354c719f6fda35048b6c2eca99331affected
LinuxLinux31087af37d6b1586b76d4acf3e0c1634a4617ba6affected
LinuxLinux6.11.9 < 6.12affected
LinuxLinux6.12affected
LinuxLinux0 < 6.12unaffected
LinuxLinux6.12.58 <= 6.12.*unaffected
LinuxLinux6.17.8 <= 6.17.*unaffected
LinuxLinux6.18 <= *unaffected

Weaknesses

References