CVE-2024-26927

Published: Apr 28, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Add some bounds checking to firmware data Smatch complains about "head->full_size - head->header_size" can underflow. To some extent, we're always going to have to trust the firmware a bit. However, it's easy enough to add a check for negatives, and let's add a upper bounds check as well.

Vendor	Product	Versions
Linux	Linux	affected `d2458baa799fff377660d86323dd20a3f4deecb4 - < d133d67e7e724102d1e53009c4f88afaaf3e167c` affected `d2458baa799fff377660d86323dd20a3f4deecb4 - < ced7df8b3c5c4751244cad79011e86cf1f809153` affected `d2458baa799fff377660d86323dd20a3f4deecb4 - < 044e220667157fb9d59320341badec59cf45ba48` affected `d2458baa799fff377660d86323dd20a3f4deecb4 - < 9eeb8e1231f6450c574c1db979122e171a1813ab` affected `d2458baa799fff377660d86323dd20a3f4deecb4 - < 98f681b0f84cfc3a1d83287b77697679e0398306`
Linux	Linux	affected `5.19` unaffected `0 - < 5.19` unaffected `6.1.83 - <= 6.1.` unaffected `6.6.23 - <= 6.6.` unaffected `6.7.11 - <= 6.7.*` +2 more versions

References

https://git.kernel.org/stable/c/d133d67e7e724102d1e53009c4f88afaaf3e167c

https://git.kernel.org/stable/c/ced7df8b3c5c4751244cad79011e86cf1f809153

https://git.kernel.org/stable/c/044e220667157fb9d59320341badec59cf45ba48

https://git.kernel.org/stable/c/9eeb8e1231f6450c574c1db979122e171a1813ab

https://git.kernel.org/stable/c/98f681b0f84cfc3a1d83287b77697679e0398306

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-26927

Description

Affected Products

References