DEBIAN-CVE-2023-52736
- Source
- https://security-tracker.debian.org/tracker/DEBIAN-CVE-2023-52736
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-52736.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-52736
- Upstream
- Published
- 2024-05-21T16:15:13Z
- Modified
- 2025-09-19T07:34:55.312170Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of hdacodecdriverprobe/remove() found in sound/pci/hda/hdabind.c with their component->probe/remove() instead. One of the reasons for that is the expectation of sndhdacodecdevicenew() to receive a valid pointer to an instance of struct sndcard. This expectation can be met only once sound card components probing commences. As ASoC sound card may be unbound without codec device being actually removed from the system, unsetting ->preset in sndhdacodeccleanupforunbind() interferes with module unload -> load scenario causing null-ptr-deref. Preset is assigned only once, during device/driver matching whereas ASoC codec driver's module reloading may occur several times throughout the lifetime of an audio stack.
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.178-1
Affected versions
5.*
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source