We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-46849

ASoC: meson: axg-card: fix 'use-after-free'



Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card->dai_link' is reallocated in 'meson_card_reallocate_links()', so move 'pad' pointer initialization after this function when memory is already reallocated. Kasan bug report: ================================================================== BUG: KASAN: slab-use-after-free in axg_card_add_link+0x76c/0x9bc Read of size 8 at addr ffff000000e8b260 by task modprobe/356 CPU: 0 PID: 356 Comm: modprobe Tainted: G O 6.9.12-sdkernel #1 Call trace: dump_backtrace+0x94/0xec show_stack+0x18/0x24 dump_stack_lvl+0x78/0x90 print_report+0xfc/0x5c0 kasan_report+0xb8/0xfc __asan_load8+0x9c/0xb8 axg_card_add_link+0x76c/0x9bc [snd_soc_meson_axg_sound_card] meson_card_probe+0x344/0x3b8 [snd_soc_meson_card_utils] platform_probe+0x8c/0xf4 really_probe+0x110/0x39c __driver_probe_device+0xb8/0x18c driver_probe_device+0x108/0x1d8 __driver_attach+0xd0/0x25c bus_for_each_dev+0xe0/0x154 driver_attach+0x34/0x44 bus_add_driver+0x134/0x294 driver_register+0xa8/0x1e8 __platform_driver_register+0x44/0x54 axg_card_pdrv_init+0x20/0x1000 [snd_soc_meson_axg_sound_card] do_one_initcall+0xdc/0x25c do_init_module+0x10c/0x334 load_module+0x24c4/0x26cc init_module_from_file+0xd4/0x128 __arm64_sys_finit_module+0x1f4/0x41c invoke_syscall+0x60/0x188 el0_svc_common.constprop.0+0x78/0x13c do_el0_svc+0x30/0x40 el0_svc+0x38/0x78 el0t_64_sync_handler+0x100/0x12c el0t_64_sync+0x190/0x194

Reserved 2024-09-11 | Published 2024-09-27 | Updated 2024-11-08 | Assigner Linux

Product status

Default status
unaffected

7864a79f37b5 before a33145f494e6
affected

7864a79f37b5 before 5a2cc2bb8139
affected

7864a79f37b5 before fb0530025d50
affected

7864a79f37b5 before e1a199ec3161
affected

7864a79f37b5 before e43364f578cd
affected

7864a79f37b5 before 7d318166bf55
affected

7864a79f37b5 before 4f9a71435953
affected

Default status
affected

4.19
affected

Any version before 4.19
unaffected

5.4.285
unaffected

5.10.227
unaffected

5.15.168
unaffected

6.1.111
unaffected

6.6.52
unaffected

6.10.11
unaffected

6.11
unaffected

References

git.kernel.org/...c/a33145f494e6cb82f3e018662cc7c4febf271f22

git.kernel.org/...c/5a2cc2bb81399e9ebc72560541137eb04d61dc3d

git.kernel.org/...c/fb0530025d502cb79d2b2801b14a9d5261833f1a

git.kernel.org/...c/e1a199ec31617242e1a0ea8f312341e682d0c037

git.kernel.org/...c/e43364f578cdc2f8083abbc0cb743ea55e827c29

git.kernel.org/...c/7d318166bf55e9029d56997c3b134f4ac2ae2607

git.kernel.org/...c/4f9a71435953f941969a4f017e2357db62d85a86

cve.org (CVE-2024-46849)

nvd.nist.gov (CVE-2024-46849)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-46849

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.