CVE-2023-53866

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue within the ASoC (ALSA System on Chip) component related to mutex handling in the soc-compress module. Specifically, if the panic on warn setting is enabled and a DPCM (Differential Pulse Code Modulation) compression stream is started, a kernel panic can occur because the card->pcm mutex is not appropriately held in functions such as dpcm be connect, dpcm be disconnect, snd soc runtime action, and dpcm dapm stream event. These functions are called by soc compr set params fe, soc compr open fe, and soc compr free fe without proper mutex locking. The call stack indicates the issue originates during the processing of paths within the DPCM stream.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.