5.5

CVE-2024-56657

ALSA: control: Avoid WARN() for symlink errors

In the Linux kernel, the following vulnerability has been resolved:

ALSA: control: Avoid WARN() for symlink errors

Using WARN() for showing the error of symlink creations don't give
more information than telling that something goes wrong, since the
usual code path is a lregister callback from each control element
creation.  More badly, the use of WARN() rather confuses fuzzer as if
it were serious issues.

This patch downgrades the warning messages to use the normal dev_err()
instead of WARN().  For making it clearer, add the function name to
the prefix, too.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.13 < 6.6.67
LinuxLinux Kernel Version >= 6.7 < 6.12.6
LinuxLinux Kernel Version6.13 Updaterc1
LinuxLinux Kernel Version6.13 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.21% 0.117
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/36c0764474b637bbee498806485bed524cad486b
Patch
https://git.kernel.org/stable/c/b2e538a9827dd04ab5273bf4be8eb2edb84357b0
Patch
https://git.kernel.org/stable/c/d5a1ca7b59804d6779644001a878ed925a4688ca
Patch
https://git.kernel.org/stable/c/365ee29e559269cbb2108c4cc05dd8e262b4e84e
https://git.kernel.org/stable/c/4e5a92a7223c83c1f5f2db6cd010ac9347948972