Sound Card Driver Vulnerability in Mediatek Devices
CVE-2024-56685

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
28 December 2024

What is CVE-2024-56685?

A significant vulnerability affecting sound card drivers in Mediatek's platforms may lead to kernel panic when probing devices due to improper handling of dummy codecs. In specific instances involving mt8188 and mt8195 drivers, attempts to access codec fields when no valid codec is available can result in null pointer dereference, thereby compromising system stability. The root cause lies in the initialization of dummy component arrays which may be left uninitialized at probe time. Affected drivers must ensure that the number of codecs is verified before dereferencing any codec information to prevent undefined behavior during initialization.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 13f58267cda3d6946c8f4de368ad5d4a003baa61 < 376f4800f34a28def026ff5c5d4fc5e54e1744ff

Linux 13f58267cda3d6946c8f4de368ad5d4a003baa61 < 550279449ff54c5aa28cfca5c567308cbfb145f0

Linux 13f58267cda3d6946c8f4de368ad5d4a003baa61 < 2f2020327cc8561d7c520d2f2d9acea84fa7b3a3

References

https://git.kernel.org/stable/c/376f4800f34a28def026ff5c5...
https://git.kernel.org/stable/c/550279449ff54c5aa28cfca5c...
https://git.kernel.org/stable/c/2f2020327cc8561d7c520d2f2...

Timeline

  • Vulnerability published

JSON
.