7 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Firmware: csdsp: Fixed out-of-bounds memory read access in KUnit tests wmfw info KASAN reported an out-of-bounds access – csdspmockwmfwaddinfo, because the length of the source string was rounded up to the allocation size...
UBUNTU-CVE-2025-38329
In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix OOB memory read access in KUnit test wmfw info KASAN reported out of bounds access - csdspmockwmfwaddinfo, because the source string length was rounded up to the allocation size...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Firmware: csdsp: Use strnlen on name fields in V1 wmfw files. Use strnlen instead of strlen for the algorithm and coefficient name string arrays in V1 wmfw files. In V1 wmfw files, the name is a NUL-terminated string stored in a...
kernel: firmware: cs_dsp: Validate payload length before processing block
In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Validate payload length before processing block Move the payload length check in csdspload and csdspcoeffload to be done before the block is processed. The check that the length of a block payload does not exceed...
AZL-47595 CVE-2024-42237 affecting package kernel for versions less than 5.15.162.2-1
In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Validate payload length before processing block Move the payload length check in csdspload and csdspcoeffload to be done before the block is processed. The check that the length of a block payload does not exceed...
DEBIAN-CVE-2024-42238
In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Return error if block header overflows file Return an error from csdsppowerup if a block header is longer than the amount of data left in the file. The previous code in csdspload and csdsploadcoeff would loop whi...
SUSE CVE-2024-41038
In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Prevent buffer overrun when processing V2 alg headers Check that all fields of a V2 algorithm header fit into the available firmware data buffer. The wmfw V2 format introduced variable-length strings in the...