CVE-2024-39473

Published: Jul 5, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension If a process module does not have base config extension then the same format applies to all of it's inputs and the process->base_config_ext is NULL, causing NULL dereference when specifically crafted topology and sequences used.

Vendor	Product	Versions
Linux	Linux	affected `648fea12847695d60ddeebea86597114885ee76e - < e3ae00ee238bce6cfa5ad935c921181c14d18fd6` affected `648fea12847695d60ddeebea86597114885ee76e - < 9e16f17a2a0e97b43538b272e7071537a3e03368` affected `648fea12847695d60ddeebea86597114885ee76e - < ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8`
Linux	Linux	affected `6.4` unaffected `0 - < 6.4` unaffected `6.6.34 - <= 6.6.` unaffected `6.9.5 - <= 6.9.` unaffected `6.10 - <= *`

References

https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6

https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368

https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-39473

Description

Affected Products

References