Lucene search

Ubuntu.comUB:CVE-2023-52806

HistoryMay 21, 2024 - 12:00 a.m.

CVE-2023-52806

2024-05-2100:00:00

ubuntu.com

cve-2023-52806

linux kernel

alsa

hda

null-ptr-deref

stream types

audiodsp drivers

coupled

code-loading

vulnerability

security

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved: ALSA:
hda: Fix possible null-ptr-deref when assigning a stream While AudioDSP
drivers assign streams exclusively of HOST or LINK type, nothing blocks a
user to attempt to assign a COUPLED stream. As supplied substream instance
may be a stub, what is the case when code-loading, such scenario ends with
null-ptr-deref.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux< anyUNKNOWN
ubuntu23.10noarchlinux< anyUNKNOWN
ubuntu24.04noarchlinux< anyUNKNOWN
ubuntu14.04noarchlinux< anyUNKNOWN
ubuntu16.04noarchlinux< anyUNKNOWN
ubuntu18.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu22.04noarchlinux-aws< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux	< any	UNKNOWN
ubuntu	23.10	noarch	linux	< any	UNKNOWN
ubuntu	24.04	noarch	linux	< any	UNKNOWN
ubuntu	14.04	noarch	linux	< any	UNKNOWN
ubuntu	16.04	noarch	linux	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< any	UNKNOWN

Rows per page:

1-10 of 951

References

git.kernel.org/linus/f93dc90c2e8ed664985e366aa6459ac83cdab236 (6.7-rc1)

git.kernel.org/stable/c/2527775616f3638f4fd54649eba8c7b84d5e4250

git.kernel.org/stable/c/25354bae4fc310c3928e8a42fda2d486f67745d7

git.kernel.org/stable/c/43b91df291c8802268ab3cfd8fccfdf135800ed4

git.kernel.org/stable/c/4a320da7f7cbdab2098b103c47f45d5061f42edd

git.kernel.org/stable/c/631a96e9eb4228ff75fce7e72d133ca81194797e

git.kernel.org/stable/c/758c7733cb821041f5fd403b7b97c0b95d319323

git.kernel.org/stable/c/7de25112de8222fd20564769e6c99dc9f9738a0b

git.kernel.org/stable/c/f93dc90c2e8ed664985e366aa6459ac83cdab236

git.kernel.org/stable/c/fe7c1a0c2b25c82807cb46fc3aadbf2664a682b0

launchpad.net/bugs/cve/CVE-2023-52806

nvd.nist.gov/vuln/detail/CVE-2023-52806

security-tracker.debian.org/tracker/CVE-2023-52806

www.cve.org/CVERecord?id=CVE-2023-52806

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for UB:CVE-2023-52806