CVE-2023-52689

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-52689
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52689.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-52689
Downstream
Published
2024-05-17T14:24:49.975Z
Modified
2026-02-20T03:46:41.465066Z
Summary
ALSA: scarlett2: Add missing mutex lock around get meter levels
Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: scarlett2: Add missing mutex lock around get meter levels

As scarlett2meterctlget() uses meterlevelmap[], the datamutex should be locked while accessing it.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52689.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3473185f31df29ac572be94fdb87ad8267108bec
Fixed
74e3de7cdcc31ce75ab42350ae0946eff62a2da2
Fixed
993f7b42fa066b055e3a19b7f76ad8157c0927a0

Affected versions

v6.*
v6.6
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52689.json"
vanir_signatures 
[
    {
        "target": {
            "file": "sound/usb/mixer_scarlett2.c"
        },
        "digest": {
            "line_hashes": [
                "166450747306942199008701541848153305319",
                "286044359184595755005007619161325540629",
                "325910925336681233747471381771130027294",
                "48623244992789660250225415436587082504",
                "241765635726293118969125817912111348545",
                "104480712959291163619198744852114765520",
                "31482154397059303696653241174228008456",
                "245647192833736249887334080546586252711",
                "84240340858131491955196015540542484489",
                "123069538623413829082604991467174907027",
                "197018498655981113113849117372326866561"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "id": "CVE-2023-52689-35ce7e13",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@74e3de7cdcc31ce75ab42350ae0946eff62a2da2",
        "deprecated": false,
        "signature_version": "v1"
    },
    {
        "target": {
            "file": "sound/usb/mixer_scarlett2.c"
        },
        "digest": {
            "line_hashes": [
                "166450747306942199008701541848153305319",
                "286044359184595755005007619161325540629",
                "325910925336681233747471381771130027294",
                "48623244992789660250225415436587082504",
                "241765635726293118969125817912111348545",
                "104480712959291163619198744852114765520",
                "31482154397059303696653241174228008456",
                "245647192833736249887334080546586252711",
                "84240340858131491955196015540542484489",
                "123069538623413829082604991467174907027",
                "197018498655981113113849117372326866561"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "id": "CVE-2023-52689-3b574d64",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@993f7b42fa066b055e3a19b7f76ad8157c0927a0",
        "deprecated": false,
        "signature_version": "v1"
    },
    {
        "target": {
            "file": "sound/usb/mixer_scarlett2.c",
            "function": "scarlett2_meter_ctl_get"
        },
        "digest": {
            "length": 524.0,
            "function_hash": "149822397375955991194008720206921388924"
        },
        "signature_type": "Function",
        "id": "CVE-2023-52689-78f6605f",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@74e3de7cdcc31ce75ab42350ae0946eff62a2da2",
        "deprecated": false,
        "signature_version": "v1"
    },
    {
        "target": {
            "file": "sound/usb/mixer_scarlett2.c",
            "function": "scarlett2_meter_ctl_get"
        },
        "digest": {
            "length": 524.0,
            "function_hash": "149822397375955991194008720206921388924"
        },
        "signature_type": "Function",
        "id": "CVE-2023-52689-9515595e",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@993f7b42fa066b055e3a19b7f76ad8157c0927a0",
        "deprecated": false,
        "signature_version": "v1"
    }
]

Git / github.com/gregkh/linux

Affected ranges

Type
GIT
Repo
https://github.com/gregkh/linux
Events
Introduced
0dd3ee31125508cd67f7e7172247f05b7fd1753a
Fixed
7bbf3b67cb49d0f8a20e64b7473923041b758211

Affected versions

v6.*
v6.7
v6.7.1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52689.json"