ГлавнаяУязвимости → CVE-2023-52697
7.1высокая

CVE-2023-52697

→ есть в БДУ: BDU:2024-09944 (на русском)
Описание (на английском; русское — в БДУ выше)

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL sof_sdw_rt_sdca_jack_exit() are used by different codecs, and some of them use the same dai name. For example, rt712 and rt713 both use "rt712-sdca-aif1" and sof_sdw_rt_sdca_jack_exit(). As a result, sof_sdw_rt_sdca_jack_exit() will be called twice by mc_dailink_exit_loop(). Set ctx->headset_codec_dev = NULL; after put_device(ctx->headset_codec_dev); to avoid ctx->headset_codec_dev being put twice.

Затрагиваемое ПО
Linux Linux kernel
CVSS
Балл7.1 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Источники
https://git.kernel.org/stable/c/582231a8c4f73ac153493687ecc1bed853e9c9efhttps://git.kernel.org/stable/c/a410d58117d6da4b7d41f3c91365f191d006bc3dhttps://git.kernel.org/stable/c/e38e252dbceeef7d2f848017132efd68e9ae1416https://git.kernel.org/stable/c/582231a8c4f73ac153493687ecc1bed853e9c9efhttps://git.kernel.org/stable/c/a410d58117d6da4b7d41f3c91365f191d006bc3dhttps://git.kernel.org/stable/c/e38e252dbceeef7d2f848017132efd68e9ae1416