PT-2024-35510 · Linux+4 · Linux Kernel+4

Published

2024-10-28

Updated

2025-09-29

CVE-2024-53045

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A bounds checker error in the dapm widget list create function has been resolved. The error occurred because the num widgets variable, which is used for bounds checking, was not set before the widgets array was filled. This could cause the bounds sanitizer to issue a warning or a kernel panic if CONFIG UBSAN TRAP is set. The patch sets the initial value of num widgets to the size of the widgets list calculated with list for each, and updates it with the actual number of added elements after the array is filled.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Validation of Array Index

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-129

Related Identifiers

ALSA-2025_16880

ALT-PU-2024-17211

BDU:2025-15053

CVE-2024-53045

OPENSUSE-SU-2024_4314-1

OPENSUSE-SU-2024_4316-1

SUSE-SU-2024:4314-1

SUSE-SU-2024:4316-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4387-1

SUSE-SU-2025:20163-1

SUSE-SU-2025:20164-1

SUSE-SU-2025:20246-1

SUSE-SU-2025:20247-1

USN-7276-1

USN-7277-1

USN-7310-1

USN-7449-1

USN-7449-2

USN-7450-1

USN-7451-1

USN-7452-1

USN-7453-1

USN-7468-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Linuxmint

Linux Kernel

Suse

Ubuntu

PT-2024-35510 · Linux+4 · Linux Kernel+4

CVE-2024-53045

Weakness Enumeration

Related Identifiers

Affected Products

References · 2218