CVE-2023-52988
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-52988
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52988.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-52988
- Downstream
- Related
- Published
- 2025-03-27T17:15:46Z
- Modified
- 2025-10-01T18:15:35Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ALSA: hda/via: Avoid potential array out-of-bound in addsecretdac_path()
sndhdaget_connections() can return a negative error code. It may lead to accessing 'conn' array at a negative index.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
- References
-
- https://git.kernel.org/stable/c/1b9256c96220bcdba287eeeb90e7c910c77f8c46
- https://git.kernel.org/stable/c/2b557fa635e7487f638c0f030c305870839eeda2
- https://git.kernel.org/stable/c/437e50ef6290ac835d526d0e45f466a0aa69ba1b
- https://git.kernel.org/stable/c/6e1f586ddec48d71016b81acf68ba9f49ca54db8
- https://git.kernel.org/stable/c/b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa
- https://git.kernel.org/stable/c/d6870f3800dbb212ae8433183ee82f566d067c6c
- https://git.kernel.org/stable/c/f011360ad234a07cb6fbcc720fff646a93a9f0d6