In the Linux kernel, the following vulnerability has been resolved:
firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files
Use strnlen() instead of strlen() on the algorithm and coefficient name string arrays in V1 wmfw files.
In V1 wmfw files the name is a NUL-terminated string in a fixed-size array. cs_dsp should protect against overrunning the array if the NUL terminator is missing.
[
{
"target": {
"function": "cs_dsp_coeff_parse_alg",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-061d92b0",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@16d76857d6b5426f41b587d0bb925de3f25bfb21",
"digest": {
"function_hash": "137716185440655657309643006873778998584",
"length": 1470.0
}
},
{
"target": {
"function": "cs_dsp_coeff_parse_coeff",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-1d488e98",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@16d76857d6b5426f41b587d0bb925de3f25bfb21",
"digest": {
"function_hash": "33570500189686640907231291709622480145",
"length": 2302.0
}
},
{
"target": {
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-235c395d",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@392cff2f86a25a4286ff3151c7739143c61c1781",
"digest": {
"line_hashes": [
"227066554399917797551647214538619500486",
"89512913474503318154634931876854221282",
"203611605156181164993496611525507215722",
"224989946605578217250385527864446229465",
"99961853044490352056495641834976639914",
"222166690762044946428590551563713732452",
"298777870215898087791104668531021657067",
"48729011315173736414954447167808417220"
],
"threshold": 0.9
}
},
{
"target": {
"function": "cs_dsp_coeff_parse_coeff",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-2f7eef49",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@680e126ec0400f6daecf0510c5bb97a55779ff03",
"digest": {
"function_hash": "33570500189686640907231291709622480145",
"length": 2302.0
}
},
{
"target": {
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-346fbd7f",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@680e126ec0400f6daecf0510c5bb97a55779ff03",
"digest": {
"line_hashes": [
"227066554399917797551647214538619500486",
"89512913474503318154634931876854221282",
"203611605156181164993496611525507215722",
"224989946605578217250385527864446229465",
"99961853044490352056495641834976639914",
"222166690762044946428590551563713732452",
"298777870215898087791104668531021657067",
"48729011315173736414954447167808417220"
],
"threshold": 0.9
}
},
{
"target": {
"function": "cs_dsp_coeff_parse_coeff",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-4c0eb5e1",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@53a9f8cdbf35a682e9894e1a606f4640e5359185",
"digest": {
"function_hash": "33570500189686640907231291709622480145",
"length": 2302.0
}
},
{
"target": {
"function": "cs_dsp_coeff_parse_alg",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-6f66a2a5",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@53a9f8cdbf35a682e9894e1a606f4640e5359185",
"digest": {
"function_hash": "137716185440655657309643006873778998584",
"length": 1470.0
}
},
{
"target": {
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-97e0167e",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@53a9f8cdbf35a682e9894e1a606f4640e5359185",
"digest": {
"line_hashes": [
"227066554399917797551647214538619500486",
"89512913474503318154634931876854221282",
"203611605156181164993496611525507215722",
"224989946605578217250385527864446229465",
"99961853044490352056495641834976639914",
"222166690762044946428590551563713732452",
"298777870215898087791104668531021657067",
"48729011315173736414954447167808417220"
],
"threshold": 0.9
}
},
{
"target": {
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-9a3a2a11",
"signature_type": "Line",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@16d76857d6b5426f41b587d0bb925de3f25bfb21",
"digest": {
"line_hashes": [
"227066554399917797551647214538619500486",
"89512913474503318154634931876854221282",
"203611605156181164993496611525507215722",
"224989946605578217250385527864446229465",
"99961853044490352056495641834976639914",
"222166690762044946428590551563713732452",
"298777870215898087791104668531021657067",
"48729011315173736414954447167808417220"
],
"threshold": 0.9
}
},
{
"target": {
"function": "cs_dsp_coeff_parse_alg",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-9f17b8e0",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@392cff2f86a25a4286ff3151c7739143c61c1781",
"digest": {
"function_hash": "137716185440655657309643006873778998584",
"length": 1470.0
}
},
{
"target": {
"function": "cs_dsp_coeff_parse_alg",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-ba3adbbb",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@680e126ec0400f6daecf0510c5bb97a55779ff03",
"digest": {
"function_hash": "137716185440655657309643006873778998584",
"length": 1470.0
}
},
{
"target": {
"function": "cs_dsp_coeff_parse_coeff",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"id": "CVE-2024-41056-dafca59c",
"signature_type": "Function",
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@392cff2f86a25a4286ff3151c7739143c61c1781",
"digest": {
"function_hash": "33570500189686640907231291709622480145",
"length": 2302.0
}
}
]