Linux Kernel Compander Access Vulnerability in ASoC Codecs

Vulnerability

A vulnerability in the Linux kernel's ASoC codecs component has been addressed. The issue involved improper access to the compander data for the auxAUX interpolator, which does not utilize a compander. This oversight could lead to out-of-bounds access in the comp_enabled array. The vulnerability has been fixed by implementing a check to verify the presence of compander data before access.

Impact

Exploitation of this vulnerability could result in out-of-bounds memory access, potentially leading to memory corruption or other unintended behavior.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Compander Access Vulnerability in ASoC Codecs

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating