{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-39473", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-25T14:23:23.745Z", "datePublished": "2024-07-05T06:55:04.363Z", "dateUpdated": "2024-08-02T04:26:14.967Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-15T06:50:07.987Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension\n\nIf a process module does not have base config extension then the same\nformat applies to all of it's inputs and the process->base_config_ext is\nNULL, causing NULL dereference when specifically crafted topology and\nsequences used."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/soc/sof/ipc4-topology.c"], "versions": [{"version": "648fea128476", "lessThan": "e3ae00ee238b", "status": "affected", "versionType": "git"}, {"version": "648fea128476", "lessThan": "9e16f17a2a0e", "status": "affected", "versionType": "git"}, {"version": "648fea128476", "lessThan": "ffa077b2f6ad", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/soc/sof/ipc4-topology.c"], "versions": [{"version": "6.4", "status": "affected"}, {"version": "0", "lessThan": "6.4", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.34", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.9.5", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6"}, {"url": "https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368"}, {"url": "https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8"}], "title": "ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension", "x_generator": {"engine": "bippy-c9c4e1df01b2"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-05T20:08:14.080925Z", "id": "CVE-2024-39473", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T20:08:25.422Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:14.967Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:26:14.967Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-39473", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-07-05T20:08:14.080925Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T20:08:21.291Z"}}], "cna": {"title": "ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "648fea128476", "lessThan": "e3ae00ee238b", "versionType": "git"}, {"status": "affected", "version": "648fea128476", "lessThan": "9e16f17a2a0e", "versionType": "git"}, {"status": "affected", "version": "648fea128476", "lessThan": "ffa077b2f6ad", "versionType": "git"}], "programFiles": ["sound/soc/sof/ipc4-topology.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.4"}, {"status": "unaffected", "version": "0", "lessThan": "6.4", "versionType": "custom"}, {"status": "unaffected", "version": "6.6.34", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.5", "versionType": "custom", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["sound/soc/sof/ipc4-topology.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6"}, {"url": "https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368"}, {"url": "https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8"}], "x_generator": {"engine": "bippy-c9c4e1df01b2"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension\n\nIf a process module does not have base config extension then the same\nformat applies to all of it's inputs and the process->base_config_ext is\nNULL, causing NULL dereference when specifically crafted topology and\nsequences used."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-07-15T06:50:07.987Z"}}}, "cveMetadata": {"cveId": "CVE-2024-39473", "state": "PUBLISHED", "dateUpdated": "2024-08-02T04:26:14.967Z", "dateReserved": "2024-06-25T14:23:23.745Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-05T06:55:04.363Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "18D12E25-2947-44E7-989D-24450E013A1F", "versionEndExcluding": "6.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC0C6E24-8240-425A-BD1A-F78E6D3A67FC", "versionEndExcluding": "6.6.34", "versionStartIncluding": "6.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "54EDFD02-25E6-4BC8-9AD0-0A59881F400A", "versionEndExcluding": "6.9.5", "versionStartIncluding": "6.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension\n\nIf a process module does not have base config extension then the same\nformat applies to all of it's inputs and the process->base_config_ext is\nNULL, causing NULL dereference when specifically crafted topology and\nsequences used."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: SOF: ipc4-topology: arregla la consulta de formato de entrada de m\u00f3dulos de proceso sin extensi\u00f3n base. Si un m\u00f3dulo de proceso no tiene extensi\u00f3n de configuraci\u00f3n base, entonces se aplica el mismo formato a todas sus entradas. y el proceso->base_config_ext es NULL, lo que provoca una desreferencia NULL cuando se utilizan secuencias y topolog\u00edas manipuladas espec\u00edficamente."}], "id": "CVE-2024-39473", "lastModified": "2024-07-08T17:12:06.610", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-05T07:15:10.123", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Mailing List", "Patch"], "url": "https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension", "id": "2296064", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296064"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension\nIf a process module does not have base config extension then the same\nformat applies to all of it's inputs and the process->base_config_ext is\nNULL, causing NULL dereference when specifically crafted topology and\nsequences used."], "name": "CVE-2024-39473", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-39473\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-39473\nhttps://lore.kernel.org/linux-cve-announce/2024070516-CVE-2024-39473-d28c@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 6.6.34, kernel 6.9.5, kernel 6.10-rc2"}