7.8
CVE-2023-52988
- EPSS 0.26%
- Veröffentlicht 27.03.2025 16:43:25
- Zuletzt bearbeitet 01.10.2025 18:15:35
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() snd_hda_get_connections() can return a negative error code. It may lead to accessing 'conn' array at a negative index. Found by Linux Verification Center (linuxtesting.org) with SVACE.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 3.1 < 4.14.306
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.273
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.232
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.168
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.93
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.11
Linux ≫ Linux Kernel Version6.2 Updaterc1
Linux ≫ Linux Kernel Version6.2 Updaterc2
Linux ≫ Linux Kernel Version6.2 Updaterc3
Linux ≫ Linux Kernel Version6.2 Updaterc4
Linux ≫ Linux Kernel Version6.2 Updaterc5
Linux ≫ Linux Kernel Version6.2 Updaterc6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.26% | 0.174 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-129 Improper Validation of Array Index
The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.
https://git.kernel.org/stable/c/437e50ef6290ac835d526d0e45f466a0aa69ba1b
https://git.kernel.org/stable/c/6e1f586ddec48d71016b81acf68ba9f49ca54db8
https://git.kernel.org/stable/c/d6870f3800dbb212ae8433183ee82f566d067c6c
https://git.kernel.org/stable/c/2b557fa635e7487f638c0f030c305870839eeda2
https://git.kernel.org/stable/c/1b9256c96220bcdba287eeeb90e7c910c77f8c46
https://git.kernel.org/stable/c/f011360ad234a07cb6fbcc720fff646a93a9f0d6
https://git.kernel.org/stable/c/b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa