PT-2024-33846 · Linux+7 · Linux Kernel+7
Published
2024-08-08
·
Updated
2026-06-16
·
CVE-2024-50007
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Linux kernel versions prior to 6.6.58
Description:
A potential out-of-bounds (OOB) array access issue was found in the ALSA: asihpi driver of the Linux kernel. The ASIHPI driver stores values in a static array based on a response from the driver, with an index that depends on the firmware. To address this, a sanity check has been added to ensure the array index fits within the array size.
Recommendations:
For versions prior to 6.6.58, update to version 6.6.58 or later to resolve the issue.
As a temporary workaround, consider restricting access to the ALSA: asihpi driver until a patch is available.
Exploit
Fix
DoS
Improper Validation of Array Index
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu