CVE-2024-58077

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved. The issue was related to the ASoC: soc-pcm component, where the soc pcm ret() function was used in the .prepare callback, ignoring -EINVAL error messages. This was done to prevent a potential denial-of-service attack on the syslog or diskspace by userspace. The fix involves not using soc pcm ret() on the .prepare callback.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

ALSA-2025:20095

ALSA-2025:20518

BDU:2025-12025

CVE-2024-58077

DLA-4102-1

INFSA-2025_20518

OESA-2025-1371

OESA-2025-1372

RHSA-2025:20095

RHSA-2025:20518

RHSA-2025_20518

SUSE-SU-2025:02254-1

SUSE-SU-2025:02307-1

SUSE-SU-2025:02333-1

SUSE-SU-2025_02254-1

SUSE-SU-2025_02307-1

SUSE-SU-2025_02333-1

USN-7521-1

USN-7521-2

USN-7521-3

USN-7651-1

USN-7651-2

USN-7651-3

USN-7651-4

USN-7651-5

USN-7651-6

USN-7652-1

USN-7653-1

USN-7737-1

Affected Products

Almalinux

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

CVE-2024-58077

Weakness Enumeration

Related Identifiers

Affected Products

References · 1290