CVE-2023-52987

Published: Mar 27, 2025Modified: Oct 29, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sof_ipc4_priority_mask_dfs_write() The "id" comes from the user. Change the type to unsigned to prevent an array underflow.

Affected (7)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.1 to 6.1.11
Linux Linux Kernel	Version 6.2 rc1
Linux Linux Kernel	Version 6.2 rc2
Linux Linux Kernel	Version 6.2 rc3
Linux Linux Kernel	Version 6.2 rc4
Linux Linux Kernel	Version 6.2 rc5
Linux Linux Kernel	Version 6.2 rc6

Related CWEs

CWE-129

Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References (2)

https://git.kernel.org/stable/c/d52f34784e4e2f6e77671a9f104d8a69a3b5d24c

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ea57680af47587397f5005d7758022441ed66d54

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.