5.5

CVE-2023-53400

ALSA: hda: Fix Oops by 9.1 surround channel names

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda: Fix Oops by 9.1 surround channel names

get_line_out_pfx() may trigger an Oops by overflowing the static array
with more than 8 channels.  This was reported for MacBookPro 12,1 with
Cirrus codec.

As a workaround, extend for the 9.1 channels and also fix the
potential Oops by unifying the code paths accessing the same array
with the proper size check.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.14.316
LinuxLinux Kernel Version >= 4.15 < 4.19.284
LinuxLinux Kernel Version >= 4.20 < 5.4.244
LinuxLinux Kernel Version >= 5.5 < 5.10.181
LinuxLinux Kernel Version >= 5.11 < 5.15.113
LinuxLinux Kernel Version >= 5.16 < 6.1.30
LinuxLinux Kernel Version >= 6.2 < 6.3.4
LinuxLinux Kernel Version6.4 Updaterc1
LinuxLinux Kernel Version6.4 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.033
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/082dcd51667b29097500c824c37f24da997a6a8a
Patch
https://git.kernel.org/stable/c/b5694aae4c2d9a288bafce7d38f122769e0428e6
Patch
https://git.kernel.org/stable/c/4ef155ddf9578bf035964d58739fdcd7dd44b4a4
Patch
https://git.kernel.org/stable/c/546b1f5f45a355ae0d3a8041cdaca597dfcac825
Patch
https://git.kernel.org/stable/c/e8c7d7c43d5edd20e518fe1dfb2371d1fe6e8bb8
Patch
https://git.kernel.org/stable/c/dc8c569d59f17b17d7bca4f68c36bd571659921e
Patch
https://git.kernel.org/stable/c/fcf637461019e9a5a0c12fc5c42a9db1779b0634
Patch
https://git.kernel.org/stable/c/3b44ec8c5c44790a82f07e90db45643c762878c6
Patch