Lucene search

K

GoogleOSV:UBUNTU-CVE-2024-38551

HistoryJun 19, 2024 - 2:15 p.m.

UBUNTU-CVE-2024-38551

2024-06-1914:15:00

Google

osv.dev

linux kernel

mediatek

sound card drivers

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

Low

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Assign dummy when codec not specified for a DAI link MediaTek sound card drivers are checking whether a DAI link is present and used on a board to assign the correct parameters and this is done by checking the codec DAI names at probe time. If no real codec is present, assign the dummy codec to the DAI link to avoid NULL pointer during string comparison.

References

git.kernel.org/linus/5f39231888c63f0a7708abc86b51b847476379d8

git.kernel.org/stable/c/0c052b1c11d8119f3048b1f7b3c39a90500cacf9

git.kernel.org/stable/c/5f39231888c63f0a7708abc86b51b847476379d8

git.kernel.org/stable/c/87b8dca6e06f9b1681bc52bf7bfa85c663a11158

git.kernel.org/stable/c/cbbcabc7f0979f6542372cf88d7a9da7143a4226

ubuntu.com/security/CVE-2024-38551

ubuntu.com/security/notices/USN-6949-1

ubuntu.com/security/notices/USN-6949-2

ubuntu.com/security/notices/USN-6952-1

ubuntu.com/security/notices/USN-6952-2

ubuntu.com/security/notices/USN-6955-1

www.cve.org/CVERecord?id=CVE-2024-38551

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

Low

Related for OSV:UBUNTU-CVE-2024-38551

redhatcve1 nvd1 vulnrichment1 cve1 debiancve1 ubuntucve1 osv9 cvelist1 openvas7 ubuntu4 nessus8 mageia2