Lucene search
LinuxCVELIST:CVE-2024-39473HistoryJul 05, 2024 - 6:55 a.m.
CVE-2024-39473 ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension
2024-07-0506:55:04
Linux
www.cve.org
7
linux kernel
asoc
sof
ipc4-topology
input format query
process modules
base extension
null dereference
vulnerability
sequence
topology fix
EPSS
0
Percentile
5.1%
In the Linux kernel, the following vulnerability has been resolved:
ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension
If a process module does not have base config extension then the same
format applies to all of it’s inputs and the process->base_config_ext is
NULL, causing NULL dereference when specifically crafted topology and
sequences used.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"sound/soc/sof/ipc4-topology.c"
],
"versions": [
{
"version": "648fea128476",
"lessThan": "e3ae00ee238b",
"status": "affected",
"versionType": "git"
},
{
"version": "648fea128476",
"lessThan": "9e16f17a2a0e",
"status": "affected",
"versionType": "git"
},
{
"version": "648fea128476",
"lessThan": "ffa077b2f6ad",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"sound/soc/sof/ipc4-topology.c"
],
"versions": [
{
"version": "6.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.4",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.34",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.9.5",
"lessThanOrEqual": "6.9.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.10",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
nessus
nessus
CBL Mariner 2.0 Security Update: kernel (CVE-2024-39473)
2024-08-11 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2802-1)
2024-08-08 00:00:00
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7005-2)
2024-09-13 00:00:00
ubuntucve
ubuntucve
CVE-2024-39473
2024-07-05 00:00:00
vulnrichment
vulnrichment
redhatcve
redhatcve
CVE-2024-39473
2024-07-05 12:50:43
cve
cve
CVE-2024-39473
2024-07-05 07:15:10
cbl_mariner
cbl_mariner
CVE-2024-39473 affecting package kernel for versions less than 6.6.35.1-5
2024-07-22 15:42:40
CVE-2024-39473 affecting package kernel for versions less than 5.15.164.1-1
2024-08-20 21:54:44
nvd
nvd
CVE-2024-39473
2024-07-05 07:15:10
debiancve
debiancve
CVE-2024-39473
2024-07-05 07:15:10
osv
osv
CVE-2024-39473
2024-07-05 07:15:10
linux-nvidia, linux-nvidia-lowlatency vulnerabilities
2024-09-12 13:47:54
linux-azure vulnerabilities
2024-09-12 13:23:45
openvas
openvas
Ubuntu: Security Advisory (USN-6999-1)
2024-09-12 00:00:00
Ubuntu: Security Advisory (USN-7005-2)
2024-09-16 00:00:00
Ubuntu: Security Advisory (USN-7005-1)
2024-09-13 00:00:00
mageia
mageia
Updated kernel kmod-xtables-addons kmod-virtualbox dwarves packages fix security vulnerabilities
2024-07-13 10:54:44
Updated kernel-linus packages fix security vulnerabilities
2024-07-14 08:23:38