Linux Kernel DSP Response Handling Vulnerability in Closed Data Streams

A vulnerability in the Linux kernel's Audio Stream Control (ASoC) component for Qualcomm Digital Signal Processor (DSP) responses has been addressed. The issue arose because responses from the DSP were still processed after a data stream had been closed, leading to system lockups. The vulnerability affected several versions of the Linux kernel. The root cause was improper handling of DSP responses, which should have been dropped unconditionally for closed streams. The vulnerability could cause lockups by allowing closed stream responses to interfere with the normal operation of the audio processing system.

Impact

The vulnerability could cause system lockups by allowing DSP responses from closed data streams to be processed, disrupting normal audio operations.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux kernel official website.