Detections
Analytics

CVE-2024-56657

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Avoid WARN() for symlink errors Using WARN() for showing the error of symlink creations don't give more information than telling that something goes wrong, since the usual code path is a lregister callback from each control element creation. More badly, the use of WARN() rather confuses fuzzer as if it were serious issues. This patch downgrades the warning messages to use the normal dev_err() instead of WARN(). For making it clearer, add the function name to the prefix, too.

References

https://git.kernel.org/stable/c/d5a1ca7b59804d6779644001a878ed925a4688ca

https://git.kernel.org/stable/c/b2e538a9827dd04ab5273bf4be8eb2edb84357b0

https://git.kernel.org/stable/c/36c0764474b637bbee498806485bed524cad486b

Details

Source: Mitre, NVD

Published: 2024-12-27

Updated: 2025-01-06

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium