← back
CVE-2023-53465

soundwire: qcom: fix storing port config out-of-bounds

EPSS 0.2%
In the Linux kernel, the following vulnerability has been resolved: soundwire: qcom: fix storing port config out-of-bounds The 'qcom_swrm_ctrl->pconfig' has size of QCOM_SDW_MAX_PORTS (14), however we index it starting from 1, not 0, to match real port numbers. This can lead to writing port config past 'pconfig' bounds and overwriting next member of 'qcom_swrm_ctrl' struct. Reported also by smatch: drivers/soundwire/qcom.c:1269 qcom_swrm_get_port_config() error: buffer overflow 'ctrl->pconfig' 14 <= 14
Affected products
Linux · Linux

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://git.kernel.org/stable/c/20f7c4d51c94abb1a1a7c21900db4fb5afe5c8ffhttps://git.kernel.org/stable/c/32eb67d7360d48c15883e0d21b29c0aab9da022ehttps://git.kernel.org/stable/c/490937d479abe5f6584e69b96df066bc87be92e9https://git.kernel.org/stable/c/801daff0078087b5df9145c9f5e643c28129734b