CVE-2024-42238

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-42238
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42238.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-42238
Downstream
Related
Published
2024-08-07T15:14:26.812Z
Modified
2026-03-11T07:55:01.415982Z
Summary
firmware: cs_dsp: Return error if block header overflows file
Details

In the Linux kernel, the following vulnerability has been resolved:

firmware: cs_dsp: Return error if block header overflows file

Return an error from csdsppower_up() if a block header is longer than the amount of data left in the file.

The previous code in csdspload() and csdspload_coeff() would loop while there was enough data left in the file for a valid region. This protected against overrunning the end of the file data, but it didn't abort the file processing with an error.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42238.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f6bc909e7673c30abcbdb329e7d0aa2e83c103d7
Fixed
b8be70566b33abbd0180105070b4c67cfef8c44f
Fixed
90ab191b7d181057d71234e8632e06b5844ac38e
Fixed
6eabd23383805725eff416c203688b7a390d4153
Fixed
959fe01e85b7241e3ec305d657febbe82da16a02

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42238.json"