Primary

Context

Linux Kernel Asymmetric Stream Handling Vulnerability in ASoC DPCM Component

Vulnerability

A vulnerability in the Linux kernel's ASoC DPCM component can lead to a NULL dereference. This issue arises when the DPCM module adds valid Back-End (BE) connections without verifying if the selected BE supports the given stream direction. In cases of asymmetric BE streams, this can result in incorrect BE selection, causing a NULL dereference later in the process when the code expects a corresponding BE substream to exist. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can cause a NULL dereference, leading to a potential system crash or instability.

Remediation

The vulnerability has been addressed in the official Linux kernel repository. Users should upgrade to the latest stable version of the Linux kernel where this vulnerability has been fixed.

Added: Jun 18, 2025, 7:01 PM

Updated: Jun 18, 2025, 7:01 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Asymmetric Stream Handling Vulnerability in ASoC DPCM Component

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating