AI Score
Confidence
Low
EPSS
Percentile
5.1%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
In the Linux kernel, the following vulnerability has been resolved:
ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension
If a process module does not have base config extension then the same
format applies to all of it’s inputs and the process->base_config_ext is
NULL, causing NULL dereference when specifically crafted topology and
sequences used.
[
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "648fea128476",
"lessThan": "e3ae00ee238b",
"versionType": "git"
},
{
"status": "affected",
"version": "648fea128476",
"lessThan": "9e16f17a2a0e",
"versionType": "git"
},
{
"status": "affected",
"version": "648fea128476",
"lessThan": "ffa077b2f6ad",
"versionType": "git"
}
],
"programFiles": [
"sound/soc/sof/ipc4-topology.c"
],
"defaultStatus": "unaffected"
},
{
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"product": "Linux",
"versions": [
{
"status": "affected",
"version": "6.4"
},
{
"status": "unaffected",
"version": "0",
"lessThan": "6.4",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.6.34",
"versionType": "custom",
"lessThanOrEqual": "6.6.*"
},
{
"status": "unaffected",
"version": "6.9.5",
"versionType": "custom",
"lessThanOrEqual": "6.9.*"
},
{
"status": "unaffected",
"version": "6.10",
"versionType": "original_commit_for_fix",
"lessThanOrEqual": "*"
}
],
"programFiles": [
"sound/soc/sof/ipc4-topology.c"
],
"defaultStatus": "affected"
}
]