VDB

CISA-2024-58012

CISA-2024-58012 PUBLISHED CVSS 5.5 MEDIUM

Reported by Linux · Published February 27, 2025

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params Each cpu DAI should associate with a widget. However, the topology might not create the right number of DAI widgets for aggregated amps. And it will cause NULL pointer deference. Check that the DAI widget associated with the CPU DAI is valid to prevent NULL pointer deference due to missing DAI widgets in topologies with aggregated amps.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
LinuxLinux4c414da93a4642d02c67fbe82f1834be7bf586b7, 4c414da93a4642d02c67fbe82f1834be7bf586b7, 4c414da93a4642d02c67fbe82f1834be7bf586b7
LinuxLinux5.7, 0, 6.12.14
linuxlinux_kernel5.7, 5.7, 5.7
LinuxLinux4c414da93a4642d02c67fbe82f1834be7bf586b7, 4c414da93a4642d02c67fbe82f1834be7bf586b7, 5.7

Timeline

  • Feb 27, 2025 CVE Published
  • May 4, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›