CVE-2024-26799
- Source
- https://cve.org/CVERecord?id=CVE-2024-26799
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26799.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-26799
- Downstream
- Published
- 2024-04-04T08:20:27.888Z
- Modified
- 2026-03-20T12:35:13.564672Z
- Severity
-
- 6.2 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- ASoC: qcom: Fix uninitialized pointer dmactl
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ASoC: qcom: Fix uninitialized pointer dmactl
In the case where __lpassgetdmactlhandle is called and the driver id daiid is invalid the pointer dmactl is not being assigned a value, and dmactl contains a garbage value since it has not been initialized and so the null check may not work. Fix this to initialize dmactl to NULL. One could argue that modern compilers will set this to zero, but it is useful to keep this initialized as per the same way in functions _lpassplatformcodecintfinit and lpasscdcdmadaiopshwparams.
Cleans up clang scan build warning: sound/soc/qcom/lpass-cdc-dma.c:275:7: warning: Branch condition evaluates to a garbage value [core.uninitialized.Branch]
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26799.json" }- References
-
- https://git.kernel.org/stable/c/1382d8b55129875b2e07c4d2a7ebc790183769ee
- https://git.kernel.org/stable/c/99adc8b4d2f38bf0d06483ec845bc48f60c3f8cf
- https://git.kernel.org/stable/c/d5a7726e6ea62d447b79ab5baeb537ea6bdb225b
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26799.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-26799
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git