CVE-2024-42237
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-42237
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42237.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-42237
- Downstream
- Related
- Published
- 2024-08-07T15:14:26Z
- Modified
- 2025-10-17T09:46:30.292915Z
- Summary
- firmware: cs_dsp: Validate payload length before processing block
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
firmware: cs_dsp: Validate payload length before processing block
Move the payload length check in csdspload() and csdspcoeff_load() to be done before the block is processed.
The check that the length of a block payload does not exceed the number of remaining bytes in the firwmware file buffer was being done near the end of the loop iteration. However, some code before that check used the length field without validating it.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/259955eca9b7acf1299b1ac077d8cfbe12df35d8
- https://git.kernel.org/stable/c/3a9cd924aec1288d675df721f244da4dd7e16cff
- https://git.kernel.org/stable/c/6598afa9320b6ab13041616950ca5f8f938c0cf1
- https://git.kernel.org/stable/c/71d9e313d8f7e18c543a9c80506fe6b1eb1fe0c8
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf6bc909e7673c30abcbdb329e7d0aa2e83c103d7Fixed259955eca9b7acf1299b1ac077d8cfbe12df35d8
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf6bc909e7673c30abcbdb329e7d0aa2e83c103d7Fixed3a9cd924aec1288d675df721f244da4dd7e16cff
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf6bc909e7673c30abcbdb329e7d0aa2e83c103d7Fixed71d9e313d8f7e18c543a9c80506fe6b1eb1fe0c8
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedf6bc909e7673c30abcbdb329e7d0aa2e83c103d7Fixed6598afa9320b6ab13041616950ca5f8f938c0cf1
Affected versions
v5.*
v5.15
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.45
v6.1.46
v6.1.47
v6.1.48
v6.1.49
v6.1.5
v6.1.50
v6.1.51
v6.1.52
v6.1.53
v6.1.54
v6.1.55
v6.1.56
v6.1.57
v6.1.58
v6.1.59
v6.1.6
v6.1.60
v6.1.61
v6.1.62
v6.1.63
v6.1.64
v6.1.65
v6.1.66
v6.1.67
v6.1.68
v6.1.69
v6.1.7
v6.1.70
v6.1.71
v6.1.72
v6.1.73
v6.1.74
v6.1.75
v6.1.76
v6.1.77
v6.1.78
v6.1.79
v6.1.8
v6.1.80
v6.1.81
v6.1.82
v6.1.83
v6.1.84
v6.1.85
v6.1.86
v6.1.87
v6.1.88
v6.1.89
v6.1.9
v6.1.90
v6.1.91
v6.1.92
v6.1.93
v6.1.94
v6.1.95
v6.1.96
v6.1.97
v6.1.98
v6.1.99
v6.10-rc1
v6.10-rc2
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.35
v6.6.36
v6.6.37
v6.6.38
v6.6.39
v6.6.4
v6.6.40
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
v6.9.1
v6.9.2
v6.9.3
v6.9.4
v6.9.5
v6.9.6
v6.9.7
v6.9.8
v6.9.9
Database specific
vanir_signatures
[
{
"signature_version": "v1",
"target": {
"function": "cs_dsp_load",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@71d9e313d8f7e18c543a9c80506fe6b1eb1fe0c8",
"digest": {
"length": 4164.0,
"function_hash": "236988058183382572577128418668185193440"
},
"deprecated": false,
"id": "CVE-2024-42237-0ca26575",
"signature_type": "Function"
},
{
"signature_version": "v1",
"target": {
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6598afa9320b6ab13041616950ca5f8f938c0cf1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"112924978669611697792195985929803998205",
"129251571219002973297387688503942447599",
"27018313305096521106911349828828445730",
"18272071448470878022745771214273113330",
"128959546200425921222578010501387985412",
"203924663516207860487447716104256644811",
"137059446306794169748131071479348360332",
"5711643707599785543246070310493256134",
"229341165442525278692601888412139524752",
"310079930809933231317806942573632577943",
"333340660015270209950325892769738234300",
"263780031084644279951085507941351215469",
"93924670922706550806455827164804988505",
"286159231497246950329087424318726865441",
"73440091137661234506036972289213697408",
"233629843179958800808884421825580911985",
"184414510458601444472527521517083167961",
"163026223360691682711606071122138468693",
"213914161129064256400317426553843968639",
"207055833391392591582786855319504954589",
"66083973457905589396833290519621230071",
"70591660077354736836007478388371324715",
"172595269193900330683676470849706072399",
"209461280476419973533755767305171701575",
"30052350888523145960923504986458395599",
"146521240569584964717567983144749295083",
"76303765768164848592630425036310958577",
"140635488418512074193127167905290082757",
"298814098330115296851315365758397493233",
"229793860265974067682380435307052897387",
"197532150672706199903222801016363482020",
"43591469749792165460894985648292290812",
"285728420519638269988975286778714812243",
"19471795412179442918623160958347561025",
"264207365312565625918762297689523605649",
"27667497358890278315814067829738312544"
]
},
"deprecated": false,
"id": "CVE-2024-42237-3c06fcf3",
"signature_type": "Line"
},
{
"signature_version": "v1",
"target": {
"function": "cs_dsp_load_coeff",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3a9cd924aec1288d675df721f244da4dd7e16cff",
"digest": {
"length": 4567.0,
"function_hash": "323032206947426189613763368906871990407"
},
"deprecated": false,
"id": "CVE-2024-42237-3d36c418",
"signature_type": "Function"
},
{
"signature_version": "v1",
"target": {
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3a9cd924aec1288d675df721f244da4dd7e16cff",
"digest": {
"threshold": 0.9,
"line_hashes": [
"112924978669611697792195985929803998205",
"129251571219002973297387688503942447599",
"27018313305096521106911349828828445730",
"18272071448470878022745771214273113330",
"128959546200425921222578010501387985412",
"203924663516207860487447716104256644811",
"137059446306794169748131071479348360332",
"5711643707599785543246070310493256134",
"229341165442525278692601888412139524752",
"310079930809933231317806942573632577943",
"333340660015270209950325892769738234300",
"263780031084644279951085507941351215469",
"93924670922706550806455827164804988505",
"286159231497246950329087424318726865441",
"73440091137661234506036972289213697408",
"233629843179958800808884421825580911985",
"184414510458601444472527521517083167961",
"163026223360691682711606071122138468693",
"213914161129064256400317426553843968639",
"207055833391392591582786855319504954589",
"66083973457905589396833290519621230071",
"70591660077354736836007478388371324715",
"172595269193900330683676470849706072399",
"209461280476419973533755767305171701575",
"30052350888523145960923504986458395599",
"146521240569584964717567983144749295083",
"76303765768164848592630425036310958577",
"140635488418512074193127167905290082757",
"298814098330115296851315365758397493233",
"229793860265974067682380435307052897387",
"197532150672706199903222801016363482020",
"43591469749792165460894985648292290812",
"285728420519638269988975286778714812243",
"19471795412179442918623160958347561025",
"264207365312565625918762297689523605649",
"27667497358890278315814067829738312544"
]
},
"deprecated": false,
"id": "CVE-2024-42237-52b05ea3",
"signature_type": "Line"
},
{
"signature_version": "v1",
"target": {
"function": "cs_dsp_load_coeff",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@259955eca9b7acf1299b1ac077d8cfbe12df35d8",
"digest": {
"length": 4542.0,
"function_hash": "241846534110743942844422180554636285887"
},
"deprecated": false,
"id": "CVE-2024-42237-75b219ef",
"signature_type": "Function"
},
{
"signature_version": "v1",
"target": {
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@259955eca9b7acf1299b1ac077d8cfbe12df35d8",
"digest": {
"threshold": 0.9,
"line_hashes": [
"112924978669611697792195985929803998205",
"129251571219002973297387688503942447599",
"27018313305096521106911349828828445730",
"18272071448470878022745771214273113330",
"128959546200425921222578010501387985412",
"203924663516207860487447716104256644811",
"137059446306794169748131071479348360332",
"5711643707599785543246070310493256134",
"229341165442525278692601888412139524752",
"310079930809933231317806942573632577943",
"333340660015270209950325892769738234300",
"263780031084644279951085507941351215469",
"93924670922706550806455827164804988505",
"286159231497246950329087424318726865441",
"73440091137661234506036972289213697408",
"233629843179958800808884421825580911985",
"184414510458601444472527521517083167961",
"163026223360691682711606071122138468693",
"213914161129064256400317426553843968639",
"207055833391392591582786855319504954589",
"66083973457905589396833290519621230071",
"70591660077354736836007478388371324715",
"172595269193900330683676470849706072399",
"209461280476419973533755767305171701575",
"30052350888523145960923504986458395599",
"146521240569584964717567983144749295083",
"76303765768164848592630425036310958577",
"140635488418512074193127167905290082757",
"298814098330115296851315365758397493233",
"229793860265974067682380435307052897387",
"197532150672706199903222801016363482020",
"43591469749792165460894985648292290812",
"285728420519638269988975286778714812243",
"19471795412179442918623160958347561025",
"264207365312565625918762297689523605649",
"27667497358890278315814067829738312544"
]
},
"deprecated": false,
"id": "CVE-2024-42237-815fd296",
"signature_type": "Line"
},
{
"signature_version": "v1",
"target": {
"function": "cs_dsp_load_coeff",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6598afa9320b6ab13041616950ca5f8f938c0cf1",
"digest": {
"length": 4567.0,
"function_hash": "323032206947426189613763368906871990407"
},
"deprecated": false,
"id": "CVE-2024-42237-81a3435a",
"signature_type": "Function"
},
{
"signature_version": "v1",
"target": {
"function": "cs_dsp_load",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@259955eca9b7acf1299b1ac077d8cfbe12df35d8",
"digest": {
"length": 4138.0,
"function_hash": "179679548977138904941438180576241702487"
},
"deprecated": false,
"id": "CVE-2024-42237-920a3ab2",
"signature_type": "Function"
},
{
"signature_version": "v1",
"target": {
"function": "cs_dsp_load_coeff",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@71d9e313d8f7e18c543a9c80506fe6b1eb1fe0c8",
"digest": {
"length": 4567.0,
"function_hash": "323032206947426189613763368906871990407"
},
"deprecated": false,
"id": "CVE-2024-42237-a3c9cac3",
"signature_type": "Function"
},
{
"signature_version": "v1",
"target": {
"function": "cs_dsp_load",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3a9cd924aec1288d675df721f244da4dd7e16cff",
"digest": {
"length": 4164.0,
"function_hash": "236988058183382572577128418668185193440"
},
"deprecated": false,
"id": "CVE-2024-42237-d835c042",
"signature_type": "Function"
},
{
"signature_version": "v1",
"target": {
"function": "cs_dsp_load",
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6598afa9320b6ab13041616950ca5f8f938c0cf1",
"digest": {
"length": 4164.0,
"function_hash": "236988058183382572577128418668185193440"
},
"deprecated": false,
"id": "CVE-2024-42237-f2fb9ab6",
"signature_type": "Function"
},
{
"signature_version": "v1",
"target": {
"file": "drivers/firmware/cirrus/cs_dsp.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@71d9e313d8f7e18c543a9c80506fe6b1eb1fe0c8",
"digest": {
"threshold": 0.9,
"line_hashes": [
"112924978669611697792195985929803998205",
"129251571219002973297387688503942447599",
"27018313305096521106911349828828445730",
"18272071448470878022745771214273113330",
"128959546200425921222578010501387985412",
"203924663516207860487447716104256644811",
"137059446306794169748131071479348360332",
"5711643707599785543246070310493256134",
"229341165442525278692601888412139524752",
"310079930809933231317806942573632577943",
"333340660015270209950325892769738234300",
"263780031084644279951085507941351215469",
"93924670922706550806455827164804988505",
"286159231497246950329087424318726865441",
"73440091137661234506036972289213697408",
"233629843179958800808884421825580911985",
"184414510458601444472527521517083167961",
"163026223360691682711606071122138468693",
"213914161129064256400317426553843968639",
"207055833391392591582786855319504954589",
"66083973457905589396833290519621230071",
"70591660077354736836007478388371324715",
"172595269193900330683676470849706072399",
"209461280476419973533755767305171701575",
"30052350888523145960923504986458395599",
"146521240569584964717567983144749295083",
"76303765768164848592630425036310958577",
"140635488418512074193127167905290082757",
"298814098330115296851315365758397493233",
"229793860265974067682380435307052897387",
"197532150672706199903222801016363482020",
"43591469749792165460894985648292290812",
"285728420519638269988975286778714812243",
"19471795412179442918623160958347561025",
"264207365312565625918762297689523605649",
"27667497358890278315814067829738312544"
]
},
"deprecated": false,
"id": "CVE-2024-42237-f3b53702",
"signature_type": "Line"
}
]