Linux Kernel ASoC Platform Max Control Value Interpretation Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ASoC (ALSA System on Chip) component has been addressed. The issue arose from inconsistent interpretation of the 'platform_max' value, which could be seen as either a maximum register value or a control value limit. A previous patch had shifted the interpretation to that of a register, but most other usages treated it as a control value. This vulnerability has been resolved by reverting the problematic patch and updating the relevant functions to consistently use the control value interpretation, aligning with typical volume management practices in machine drivers.

Impact

The vulnerability could lead to incorrect volume control management, potentially causing audio output issues or unintended behavior in audio processing.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ASoC Platform Max Control Value Interpretation Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating