Kai Vehmanen

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A bug has been resolved in the Linux kernel related to a null dereference on system suspend entry. When the system enters suspend with an active stream, the SOF core calls `hw params upon resume()`. On Intel platforms with HDA DMA used to manage the link DMA, this leads to a call chain of `hda dsp set hw params upon resume()` -> `hda dsp dais suspend()` -> `hda dai suspend()` -> `hda ipc4 post trigger()`. A bug is hit in `hda dai suspend()` as `hda link dma cleanup()` is run first, which clears `hext stream->link substream`, and then `hda ipc4 post trigger()` is called with a NULL `snd pcm substream` pointer. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.