THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-39473

ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension

AssignerLinux
Reserved2024-06-25
Published2024-07-05
Updated2024-07-15

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base config extension then the same format applies to all of it's inputs and the process->base_config_ext is NULL, causing NULL dereference when specifically crafted topology and sequences used.

Product status

Default status
unaffected

648fea128476 before e3ae00ee238b
affected

648fea128476 before 9e16f17a2a0e
affected

648fea128476 before ffa077b2f6ad
affected

Default status
affected

6.4
affected

Any version before 6.4
unaffected

6.6.34
unaffected

6.9.5
unaffected

6.10
unaffected

References

https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6

https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368

https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8

cve.org CVE-2024-39473

nvd.nist.gov CVE-2024-39473

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-39473
© Copyright 2024 THREATINT. Made in Cyprus with +