First published: Tue May 21 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix possible null-ptr-deref when assigning a stream While AudioDSP drivers assign streams exclusively of HOST or LINK type, nothing blocks a user to attempt to assign a COUPLED stream. As supplied substream instance may be a stub, what is the case when code-loading, such scenario ends with null-ptr-deref.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | <4.14.331 | |
Linux Linux kernel | >=4.15<4.19.300 | |
Linux Linux kernel | >=4.20<5.4.262 | |
Linux Linux kernel | >=5.5<5.10.202 | |
Linux Linux kernel | >=5.11<5.15.140 | |
Linux Linux kernel | >=5.16<6.1.64 | |
Linux Linux kernel | >=6.2<6.5.13 | |
Linux Linux kernel | >=6.6<6.6.3 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.