Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a null pointer dereference in the implementation of the snd card cs46xx probe handler of the sound/pci/cs46xx/snd-cs46xx.ko module. This can be exploited to cause a denial of service in the operating system when a Cirrus Logic Sound Fusion CS46xx device, represented as a PCI device, is connected. The problem arises from the snd cs46xx create function, called from the snd card cs46xx probe handler, where memory is allocated for the chip and initialized with zeros. If the device returns 0 when querying pci resource start for index 0 or 1, the snd cs46xx free function is called, which in turn calls snd cs46xx proc done, leading to cs46xx dsp proc done. In this last function, a null pointer dereference occurs, specifically chip->dsp spos instance.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.