Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: fix null deref on system suspend entry When system enters suspend with an active stream, SOF core calls hw_params_upon_resume(). On Intel platforms with HDA DMA used to manage the link DMA, this leads to call chain of hda_dsp_set_hw_params_upon_resume() -> hda_dsp_dais_suspend() -> hda_dai_suspend() -> hda_ipc4_post_trigger() A bug is hit in hda_dai_suspend() as hda_link_dma_cleanup() is run first, which clears hext_stream->link_substream, and then hda_ipc4_post_trigger() is called with a NULL snd_pcm_substream pointer.

INFO

Published Date :

2024-07-29T14:31:51.501Z

Last Modified :

2025-05-04T09:20:39.404Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-41037 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-41037.

URL Resource
https://git.kernel.org/stable/c/8246bbf818ed7b8d5afc92b951e6d562b45c2450 cve-icon cve-icon
https://git.kernel.org/stable/c/9065693dcc13f287b9e4991f43aee70cf5538fdd cve-icon cve-icon
https://git.kernel.org/stable/c/993af0f2d9f24e3c18a445ae22b34190d1fcad61 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024072923-CVE-2024-41037-84b8@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-41037 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-41037 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact