Linux Kernel Intel ASoC SDW Array Termination Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ASoC Intel SDW component has been addressed. The issue arose because the code relied on an initialized member of the asoc_sdw_dailink structure to check if an array member was in use. This approach led to an out-of-bounds access when the array was full. The vulnerability has been resolved by expanding the array to include a terminator, preventing the access beyond the array's end.

Impact

Exploitation of this vulnerability could lead to out-of-bounds memory access, potentially causing undefined behavior or memory corruption.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Intel ASoC SDW Array Termination Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating