CVE-2024-58012

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-58012

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58012.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-58012

Downstream

BELL-CVE-2024-58012

DEBIAN-CVE-2024-58012

ECHO-f40f-cb2f-44bd

MINI-grw2-4mwh-6ggx

SUSE-SU-2025:01919-1

SUSE-SU-2025:1177-1

SUSE-SU-2025:1178-1

SUSE-SU-2025:1180-1

UBUNTU-CVE-2024-58012

USN-7521-1

USN-7521-3

Related

Published

2025-02-27T03:15:12Z

Modified

2025-10-01T21:16:40Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params

Each cpu DAI should associate with a widget. However, the topology might not create the right number of DAI widgets for aggregated amps. And it will cause NULL pointer deference. Check that the DAI widget associated with the CPU DAI is valid to prevent NULL pointer deference due to missing DAI widgets in topologies with aggregated amps.

References

Affected packages