SB2024091866 - Out-of-bounds read in Linux kernel intel boards

Description

This security bulletin contains information about 1 security vulnerability.

1) Out-of-bounds read (CVE-ID: CVE-2024-46793)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the snd_cht_mc_probe() function in sound/soc/intel/boards/cht_bsw_rt5672.c, within the snd_cht_mc_probe() function in sound/soc/intel/boards/cht_bsw_rt5645.c, within the snd_byt_wm5102_mc_probe() function in sound/soc/intel/boards/bytcr_wm5102.c, within the snd_byt_rt5651_mc_probe() function in sound/soc/intel/boards/bytcr_rt5651.c, within the snd_byt_rt5640_mc_probe() function in sound/soc/intel/boards/bytcr_rt5640.c, within the snd_byt_cht_es8316_mc_probe() function in sound/soc/intel/boards/bytcht_es8316.c, within the bytcht_da7213_probe() function in sound/soc/intel/boards/bytcht_da7213.c, within the snd_byt_cht_cx2072x_probe() function in sound/soc/intel/boards/bytcht_cx2072x.c, within the broxton_audio_probe() function in sound/soc/intel/boards/bxt_rt298.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/85cda5b040bda9c577b34eb72d5b2e5b7e31985c
• https://git.kernel.org/stable/c/0cc65482f5b03ac2b1c240bc34665e43ea2d71bb
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10.10
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.11