CVE-2024-57880

high

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw: Add space for a terminator into DAIs array The code uses the initialised member of the asoc_sdw_dailink struct to determine if a member of the array is in use. However in the case the array is completely full this will lead to an access 1 past the end of the array, expand the array by one entry to include a space for a terminator.

References

https://git.kernel.org/stable/c/b21a849764a4111b0bc14a5ffe987a0582419de2

https://git.kernel.org/stable/c/255cc582e6e16191a20d54bcdbca6c91d3e90c5e

Details

Source: Mitre, NVD

Published: 2025-01-11

Updated: 2025-01-11

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics