Linux Kernel Out-of-Bounds Memory Read Vulnerability in cs_dsp KUnit Test

Vulnerability

An out-of-bounds memory read has been identified in the Linux kernel's cs_dsp component, specifically in the KUnit test for the control cache. In the 'cs_dsp_ctl_cache_init_multiple_offsets()' function, the code sizes its register value allocations using the 4-byte length from 'mock_coeff_template', but this length is later overridden to 8 bytes, which causes test code failures. The Kernel Address Sanitizer (KASAN) reported the out-of-bounds access.

Impact

Exploitation of this vulnerability could lead to unauthorized memory access, potentially allowing for information leakage or manipulation of memory contents.

Remediation

The vulnerability has been addressed by removing the length override, ensuring that the original 4-byte value is maintained for all operations. Users should update to the latest version of the Linux kernel where this fix has been applied.
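
The length mismatch described under Vulnerability and the effect of the fix described under Remediation, modelled in user-space C. This is an added example, not the kernel's KUnit test or the upstream patch, and all struct and function names in it are hypothetical. The buffer records its allocated size, so a read using the overridden 8-byte length is rejected instead of running past the 4-byte allocation.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the test's coefficient template. */
struct coeff_def { size_t length_bytes; };

/* Register value buffer that records how many bytes were allocated. */
struct reg_vals { uint8_t *data; size_t alloc_bytes; };

static int reg_vals_alloc(struct reg_vals *rv, const struct coeff_def *def)
{
    rv->data = calloc(1, def->length_bytes);
    if (!rv->data)
        return -ENOMEM;
    rv->alloc_bytes = def->length_bytes;
    return 0;
}

/* Copy def->length_bytes out of rv; refuse a length larger than either buffer. */
static int reg_vals_read(const struct reg_vals *rv, const struct coeff_def *def,
                         uint8_t *out, size_t out_len)
{
    if (def->length_bytes > rv->alloc_bytes || def->length_bytes > out_len)
        return -EINVAL;
    memcpy(out, rv->data, def->length_bytes);
    return 0;
}

/* Allocate from a 4-byte template, optionally override the length, then read.
 * override_len == 0 models the fixed sequence (no override). */
static int run_sequence(size_t override_len)
{
    struct coeff_def def = { .length_bytes = 4 };
    struct reg_vals rv;
    uint8_t out[8];
    int ret = reg_vals_alloc(&rv, &def);

    if (ret)
        return ret;
    if (override_len)
        def.length_bytes = override_len; /* models the removed override */
    ret = reg_vals_read(&rv, &def, out, sizeof(out));
    free(rv.data);
    return ret;
}

int main(void) { return run_sequence(0); }
```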

Added: Jul 10, 2025, 11:17 AM
Updated: Jul 10, 2025, 11:17 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.0
remediation: 0.0
relevance: 0.2
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.