Linux Kernel LPASS ASoC Component Out-of-Bounds Use-After-Free Vulnerability

A use-after-free vulnerability leading to a out-of-bounds read has been identified in the Linux kernel's ASoC LPASS component. This issue, which occurs in the 'regcache_flat_read' function, has been detected using the syzkaller fuzzer. The vulnerability arises from improper error checking in the 'tx_macro_put_dec_enum' function, allowing for the potential exploitation of invalid values.

Impact

Exploitation of this vulnerability can lead to a use-after-free condition, causing a slab-out-of-bounds read. Such memory corruption issues can often be exploited to execute arbitrary code or cause a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by using the syzkaller fuzzer, which will trigger the out-of-bounds read error. This can be done by crafting a specific sequence of actions that the ASoC LPASS component does not properly validate, leading to the use-after-free condition.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched. The specific commit addressing this issue is available in the Linux kernel stable tree.