In the Linux kernel, the following vulnerability has been resolved:
ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension
If a process module does not have base config extension then the same
format applies to all of it's inputs and the process->base_config_ext is
NULL, causing NULL dereference when specifically crafted topology and
sequences used.
References
Link | Resource |
---|---|
https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368 | Mailing List Patch |
https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6 | Mailing List Patch |
https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8 | Mailing List Patch |
Configurations
Configuration 1 (hide)
|
History
08 Jul 2024, 17:12
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CWE | CWE-476 | |
References | () https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368 - Mailing List, Patch | |
References | () https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6 - Mailing List, Patch | |
References | () https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8 - Mailing List, Patch | |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:* |
|
First Time |
Linux
Linux linux Kernel |
05 Jul 2024, 12:55
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
05 Jul 2024, 07:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-05 07:15
Updated : 2024-07-08 17:12
NVD link : CVE-2024-39473
Mitre link : CVE-2024-39473
CVE.ORG link : CVE-2024-39473
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-476
NULL Pointer Dereference