Linux Kernel ASoC Intel Quirk Input Mapping Vulnerability

Vulnerability

A vulnerability exists in the Linux kernel's ASoC Intel bytcr_rt5640 driver, where invalid values passed through the quirk option are not properly handled. Instead of correcting the input, the driver merely logs an error, which can lead to unexpected behavior such as out-of-bounds access. This issue has been addressed by modifying the driver to map invalid quirk inputs to a default value, thereby preventing potential out-of-bounds access.
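The log-only handling and the map-to-default fix described above, as an added user-space example; it is not the kernel driver's code. The mask, table size, default selector, route names and function names are all hypothetical.

```c
#include <stdio.h>

/* Hypothetical layout: the low 4 bits of the quirk word select an input map. */
#define QUIRK_MAP_MASK 0x0fu
#define QUIRK_MAP(q)   ((q) & QUIRK_MAP_MASK)
#define MAP_DEFAULT    0u   /* assumed default selector */
#define NUM_MAPS       4u   /* only selectors 0..3 are valid */

/* Constructed sample table indexed by the selector. */
static const char *const input_route[NUM_MAPS] = { "map0", "map1", "map2", "map3" };

/* Pre-fix pattern: the invalid selector is reported but left in the quirk word. */
static unsigned int quirk_check_log_only(unsigned int quirk)
{
    if (QUIRK_MAP(quirk) >= NUM_MAPS)
        fprintf(stderr, "invalid input map 0x%x\n", QUIRK_MAP(quirk));
    return quirk;
}

/* Fixed pattern: report, then replace only the selector bits with the default. */
static unsigned int quirk_check_remap(unsigned int quirk)
{
    if (QUIRK_MAP(quirk) >= NUM_MAPS) {
        fprintf(stderr, "invalid input map 0x%x, using default\n", QUIRK_MAP(quirk));
        quirk &= ~QUIRK_MAP_MASK;
        quirk |= MAP_DEFAULT;
    }
    return quirk;
}

/* Lookup with its own bounds check, so this demo never reads past the table.
 * A later user of the selector that lacks such a check is where the
 * out-of-bounds access would occur. */
static const char *route_for(unsigned int quirk)
{
    unsigned int sel = QUIRK_MAP(quirk);
    return sel < NUM_MAPS ? input_route[sel] : NULL;
}

int main(void)
{
    unsigned int bad = 0x10au;  /* constructed input: selector 0xa, one other flag bit set */
    const char *before = route_for(quirk_check_log_only(bad));
    const char *after = route_for(quirk_check_remap(bad));
    printf("log-only: %s\n", before ? before : "(selector out of range)");
    printf("remapped: %s\n", after ? after : "(selector out of range)");
    return 0;
}
```

Only the selector bits are rewritten, so unrelated flag bits in the quirk word survive the remap.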

Impact

The vulnerability could lead to out-of-bounds access, which may cause memory corruption or other unintended behavior.

Reproduction

To reproduce this vulnerability, load the ASoC Intel bytcr_rt5640 driver and pass an invalid value through the quirk option. The driver will log an error but will not correct the input, potentially leading to out-of-bounds access.

Remediation

The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version.

Added: Nov 12, 2025, 11:38 AM
Updated: Nov 12, 2025, 5:06 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 1.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.