PT-2025-13333 · Linux+2 · Linux Kernel+2
Published: 2023-01-19 · Updated: 2025-05-28
CVE-2023-52987
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A vulnerability has been resolved in the Linux kernel, in the ASoC: SOF: ipc4-mtrace component. The fix prevents an underflow in the sof_ipc4_priority_mask_dfs_write() function. The id variable, which comes from the user, was changed to an unsigned type to prevent an array underflow.
Recommendations
For the affected Linux kernel versions, consider updating to a version that includes the fix for the sof_ipc4_priority_mask_dfs_write() underflow issue. As a temporary workaround, consider restricting the input for the id variable to prevent potential underflow exploitation.
Exploit
Fix
Integer Underflow
Improper Validation of Array Index
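The description attributes the bug to a user-supplied id used as an array index. The following C sketch is an added illustration, not the kernel's code; NUM_SLOTS, the "id,mask" input format and the function names are assumptions. It shows why an upper-bound check alone passes a negative signed index, and why the same check rejects it once the index is unsigned.

```c
#include <stdio.h>

#define NUM_SLOTS 8       /* hypothetical table size (assumption) */
#define REJECTED  (-1000) /* sentinel: input refused, nothing written */

static unsigned int masks[NUM_SLOTS]; /* stand-in for a priority mask table */

/* Signed index with an upper-bound check only.
 * Returns the index that would be used, without performing the write. */
static int index_if_signed(const char *buf)
{
    int id;
    unsigned int mask;

    if (sscanf(buf, "%d,%x", &id, &mask) != 2)
        return REJECTED;
    if (id >= NUM_SLOTS)
        return REJECTED;
    return id; /* a negative id reaches here: masks[id] would underflow */
}

/* Unsigned index: a negative input converts to a very large value, so the
 * same single comparison rejects it. Performs the write when accepted. */
static int store_if_unsigned(const char *buf)
{
    int parsed;
    unsigned int id, mask;

    if (sscanf(buf, "%d,%x", &parsed, &mask) != 2)
        return REJECTED;
    id = (unsigned int)parsed; /* -1 becomes UINT_MAX */
    if (id >= NUM_SLOTS)
        return REJECTED;
    masks[id] = mask;
    return (int)id;
}

int main(void)
{
    const char *inputs[] = { "3,ff", "8,ff", "-1,ff" }; /* constructed inputs */

    for (int i = 0; i < 3; i++)
        printf("%-6s signed=%d unsigned=%d\n", inputs[i],
               index_if_signed(inputs[i]), store_if_unsigned(inputs[i]));
    return 0;
}
```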
Related Identifiers
Affected Products
Astra Linux
Linux Kernel
Red Os