CVE-2024-26799

MEDIUM

Linux Kernel 5.18-6.6.20, 6.7.0-6.7.8 - Use-After-Free in ASoC QCOM DMA Control

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix uninitialized pointer dmactl In the case where __lpass_get_dmactl_handle is called and the driver id dai_id is invalid the pointer dmactl is not being assigned a value, and dmactl contains a garbage value since it has not been initialized and so the null check may not work. Fix this to initialize dmactl to NULL. One could argue that modern compilers will set this to zero, but it is useful to keep this initialized as per the same way in functions __lpass_platform_codec_intf_init and lpass_cdc_dma_daiops_hw_params. Cleans up clang scan build warning: sound/soc/qcom/lpass-cdc-dma.c:275:7: warning: Branch condition evaluates to a garbage value [core.uninitialized.Branch]

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/99adc8b4d2f38bf0d06483ec845bc48f60c3f8cf

Patch

https://git.kernel.org/stable/c/d5a7726e6ea62d447b79ab5baeb537ea6bdb225b

Patch

https://git.kernel.org/stable/c/1382d8b55129875b2e07c4d2a7ebc790183769ee

Scores

CVSS v3 6.2

EPSS 0.0023

EPSS Percentile 14.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-824

Status published

Products (12)

linux/Kernel 5.18.0 - 6.6.21linux

linux/Kernel 6.7.0 - 6.7.9linux

Linux/Linux < 5.18

Linux/Linux 5.18

Linux/Linux 6.6.21 - 6.6.*

Linux/Linux 6.7.9 - 6.7.*

Linux/Linux 6.8

Linux/Linux b81af585ea54ee9f749391e594ee9cbd44061eae - 1382d8b55129875b2e07c4d2a7ebc790183769ee

Linux/Linux b81af585ea54ee9f749391e594ee9cbd44061eae - 99adc8b4d2f38bf0d06483ec845bc48f60c3f8cf

Linux/Linux b81af585ea54ee9f749391e594ee9cbd44061eae - d5a7726e6ea62d447b79ab5baeb537ea6bdb225b

... and 2 more

Published Apr 04, 2024

Tracked Since Feb 18, 2026