CVE-2024-50105

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc Commit 15c7fab0e047 ("ASoC: qcom: Move Soundwire runtime stream alloc to soundcards") moved the allocation of Soundwire stream runtime from the Qualcomm Soundwire driver to each individual machine sound card driver, except that it forgot to update SC7280 card. Just like for other Qualcomm sound cards using Soundwire, the card driver should allocate and release the runtime. Otherwise sound playback will result in a NULL pointer dereference or other effect of uninitialized memory accesses (which was confirmed on SDM845 having similar issue).

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/176a41ebec42a921277cd34e8c0c2e776a9dd6c4	Patch
https://git.kernel.org/stable/c/db7e59e6a39a4d3d54ca8197c796557e6d480b0d	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.12:rc4::::::

History

No history.

Information

Published : 2024-11-05 18:15

Updated : 2024-11-12 15:06

NVD link : CVE-2024-50105

Mitre link : CVE-2024-50105

CVE.ORG link : CVE-2024-50105

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2024-50105", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-11-05T18:15:14.063", "references": [{"url": "https://git.kernel.org/stable/c/176a41ebec42a921277cd34e8c0c2e776a9dd6c4", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/db7e59e6a39a4d3d54ca8197c796557e6d480b0d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc\n\nCommit 15c7fab0e047 (\"ASoC: qcom: Move Soundwire runtime stream alloc to\nsoundcards\") moved the allocation of Soundwire stream runtime from the\nQualcomm Soundwire driver to each individual machine sound card driver,\nexcept that it forgot to update SC7280 card.\n\nJust like for other Qualcomm sound cards using Soundwire, the card\ndriver should allocate and release the runtime. Otherwise sound\nplayback will result in a NULL pointer dereference or other effect of\nuninitialized memory accesses (which was confirmed on SDM845 having\nsimilar issue)."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc Commit 15c7fab0e047 (\"ASoC: qcom: Move Soundwire runtime stream alloc to soundcards\") movi\u00f3 la asignaci\u00f3n de tiempo de ejecuci\u00f3n de flujo Soundwire del controlador Qualcomm Soundwire al controlador de tarjeta de sonido de cada m\u00e1quina individual, excepto que olvid\u00f3 actualizar la tarjeta SC7280. Al igual que para otras tarjetas de sonido Qualcomm que usan Soundwire, el controlador de la tarjeta debe asignar y liberar el tiempo de ejecuci\u00f3n. De lo contrario, la reproducci\u00f3n de sonido dar\u00e1 como resultado una desreferencia de puntero NULL u otro efecto de accesos a memoria no inicializados (lo que se confirm\u00f3 en SDM845 que ten\u00eda un problema similar)."}], "lastModified": "2024-11-12T15:06:14.500", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CAA29A6-36B4-4C90-A862-A816F65153DB", "versionEndExcluding": "6.11.6", "versionStartIncluding": "6.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F361E1D-580F-4A2D-A509-7615F73167A1"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "925478D0-3E3D-4E6F-ACD5-09F28D5DF82C"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C95E234-D335-4B6C-96BF-E2CEBD8654ED"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.12:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0F717D8-3014-4F84-8086-0124B2111379"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}