CVE-2023-53788
Published: Dec 9, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()

tuning_ctl_set() might have buffer overrun at (X) if it didn't break from loop by matching (A).

```
        static int tuning_ctl_set(...)
        {
                for (i = 0; i < TUNING_CTLS_COUNT; i++)
(A)                     if (nid == ca0132_tuning_ctls[i].nid)
                                break;

                snd_hda_power_up(...);
(X)             dspio_set_param(..., ca0132_tuning_ctls[i].mid, ...);
                snd_hda_power_down(...);                ^

                return 1;
        }
```

We will get below error by cppcheck

```
sound/pci/hda/patch_ca0132.c:4229:2: note: After for loop, i has value 12
 for (i = 0; i < TUNING_CTLS_COUNT; i++)
 ^
sound/pci/hda/patch_ca0132.c:4234:43: note: Array index out of bounds
 dspio_set_param(codec, ca0132_tuning_ctls[i].mid, 0x20,
                                           ^
```

This patch cares non match case.
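The non-match case from the description, as an added user-space example (not kernel code and not the upstream patch). The table `demo_ctls`, its values, the helper names and the choice of `-EINVAL` as the error return are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for ca0132_tuning_ctls[]; nid/mid values are made up. */
struct demo_ctl { unsigned int nid; int mid; };

static const struct demo_ctl demo_ctls[] = {
    { 0x10, 0x95 }, { 0x11, 0x96 }, { 0x12, 0x97 }, { 0x13, 0x98 },
};
#define DEMO_CTLS_COUNT (sizeof(demo_ctls) / sizeof(demo_ctls[0]))

/* Index the search loop from the description leaves in i. On a miss this
 * equals DEMO_CTLS_COUNT, one past the last valid element. */
static size_t loop_exit_index(unsigned int nid)
{
    size_t i;

    for (i = 0; i < DEMO_CTLS_COUNT; i++)
        if (nid == demo_ctls[i].nid)   /* (A) */
            break;
    return i;
}

/* Hardened setter: reject the non-match case before indexing the table.
 * Returns 1 on success (as the function in the description does) or
 * -EINVAL on a miss; *mid_out stands in for the dspio_set_param() call at (X). */
static int demo_tuning_ctl_set(unsigned int nid, int *mid_out)
{
    size_t i = loop_exit_index(nid);

    if (i >= DEMO_CTLS_COUNT)
        return -EINVAL;
    *mid_out = demo_ctls[i].mid;
    return 1;
}

int main(void)
{
    int mid = 0;
    int rc;

    rc = demo_tuning_ctl_set(0x12, &mid);
    printf("hit:  rc=%d mid=0x%x\n", rc, (unsigned int)mid);
    rc = demo_tuning_ctl_set(0x7f, &mid);
    printf("miss: rc=%d exit index=%zu\n", rc, loop_exit_index(0x7f));
    return 0;
}
```
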
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 44f0c9782cc6ab71ea947f8f710a46f2078a151c - < ff5e8b49348f6a550c136b74efaf8b3c1d3ceaea; affected 44f0c9782cc6ab71ea947f8f710a46f2078a151c - < 3590498117a11aa1f92a97e8a04d95320e347ebd; affected 44f0c9782cc6ab71ea947f8f710a46f2078a151c - < 7f12f99b8017ad5ed5aff4b0aefe3bb7bbdf8a99; affected 44f0c9782cc6ab71ea947f8f710a46f2078a151c - < baef27176ea5fdc7ad0947e2dc7733855e35db71; affected 44f0c9782cc6ab71ea947f8f710a46f2078a151c - < d23f65f08247068576a01e28b297e995b7dc3965; +3 more versions |
| Linux | Linux | affected 3.9; unaffected 0 - < 3.9; unaffected 4.14.312 - <= 4.14.*; unaffected 4.19.280 - <= 4.19.*; unaffected 5.4.240 - <= 5.4.*; +5 more versions |