[<prev] [next>] [day] [month] [year] [list]
Message-ID: <2024052101-CVE-2023-52806-e9ee@gregkh>
Date: Tue, 21 May 2024 17:31:42 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2023-52806: ALSA: hda: Fix possible null-ptr-deref when assigning a stream
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
ALSA: hda: Fix possible null-ptr-deref when assigning a stream
While AudioDSP drivers assign streams exclusively of HOST or LINK type,
nothing blocks a user to attempt to assign a COUPLED stream. As
supplied substream instance may be a stub, what is the case when
code-loading, such scenario ends with null-ptr-deref.
The Linux kernel CVE team has assigned CVE-2023-52806 to this issue.
Affected and fixed versions
===========================
Fixed in 4.14.331 with commit 7de25112de82
Fixed in 4.19.300 with commit 758c7733cb82
Fixed in 5.4.262 with commit 2527775616f3
Fixed in 5.10.202 with commit 25354bae4fc3
Fixed in 5.15.140 with commit 631a96e9eb42
Fixed in 6.1.64 with commit 43b91df291c8
Fixed in 6.5.13 with commit fe7c1a0c2b25
Fixed in 6.6.3 with commit 4a320da7f7cb
Fixed in 6.7 with commit f93dc90c2e8e
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2023-52806
will be updated if fixes are backported, please check that for the most
up to date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
sound/hda/hdac_stream.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/7de25112de8222fd20564769e6c99dc9f9738a0b
https://git.kernel.org/stable/c/758c7733cb821041f5fd403b7b97c0b95d319323
https://git.kernel.org/stable/c/2527775616f3638f4fd54649eba8c7b84d5e4250
https://git.kernel.org/stable/c/25354bae4fc310c3928e8a42fda2d486f67745d7
https://git.kernel.org/stable/c/631a96e9eb4228ff75fce7e72d133ca81194797e
https://git.kernel.org/stable/c/43b91df291c8802268ab3cfd8fccfdf135800ed4
https://git.kernel.org/stable/c/fe7c1a0c2b25c82807cb46fc3aadbf2664a682b0
https://git.kernel.org/stable/c/4a320da7f7cbdab2098b103c47f45d5061f42edd
https://git.kernel.org/stable/c/f93dc90c2e8ed664985e366aa6459ac83cdab236
Powered by blists - more mailing lists