Linux Kernel Vulnerability in ALSA HDA - Codec Access Issue
CVE-2023-53275
What is CVE-2023-53275?
A potential null-pointer dereference vulnerability has been identified in the Linux kernel's ALSA HDA subsystem due to a data race condition. This issue arises when the variable codec->regmap is accessed without proper locking mechanism, particularly in the function snd_hdac_regmap_sync(). If codec->regmap is modified immediately after the check and set to NULL, it may lead to a dereference error in subsequent function calls, notably in regcache_sync(). To address this vulnerability, the mutex lock coverage has been extended around both the condition check and the function call, ensuring more robust protection against this race condition and enhancing the overall code consistency.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 109f0aaa0b8838a88af9125b79579023539300a7
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9f9eed451176ffcac6b5ba0f6dae1a6b4a1cb0eb
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8703b26387e1fa4f8749db98d24c67617b873acb