CVE-2023-52988

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() snd_hda_get_connections() can return a negative error code. It may lead to accessing 'conn' array at a negative index. Found by Linux Verification Center (linuxtesting.org) with SVACE.

Reserved 2025-03-27 | Published 2025-03-27 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

30b4503378c976cf66201a1e81820519f6bd79ac before 437e50ef6290ac835d526d0e45f466a0aa69ba1b
affected

30b4503378c976cf66201a1e81820519f6bd79ac before 6e1f586ddec48d71016b81acf68ba9f49ca54db8
affected

30b4503378c976cf66201a1e81820519f6bd79ac before d6870f3800dbb212ae8433183ee82f566d067c6c
affected

30b4503378c976cf66201a1e81820519f6bd79ac before 2b557fa635e7487f638c0f030c305870839eeda2
affected

30b4503378c976cf66201a1e81820519f6bd79ac before 1b9256c96220bcdba287eeeb90e7c910c77f8c46
affected

30b4503378c976cf66201a1e81820519f6bd79ac before f011360ad234a07cb6fbcc720fff646a93a9f0d6
affected

30b4503378c976cf66201a1e81820519f6bd79ac before b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa
affected

Default status
affected

3.1
affected

Any version before 3.1
unaffected

4.14.306
unaffected

4.19.273
unaffected

5.4.232
unaffected

5.10.168
unaffected

5.15.93
unaffected

6.1.11
unaffected

6.2
unaffected

References

git.kernel.org/...c/437e50ef6290ac835d526d0e45f466a0aa69ba1b

git.kernel.org/...c/6e1f586ddec48d71016b81acf68ba9f49ca54db8

git.kernel.org/...c/d6870f3800dbb212ae8433183ee82f566d067c6c

git.kernel.org/...c/2b557fa635e7487f638c0f030c305870839eeda2

git.kernel.org/...c/1b9256c96220bcdba287eeeb90e7c910c77f8c46

git.kernel.org/...c/f011360ad234a07cb6fbcc720fff646a93a9f0d6

git.kernel.org/...c/b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa

cve.org (CVE-2023-52988)

nvd.nist.gov (CVE-2023-52988)

Download JSON