CVE-2025-21870 | THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers Other, non DAI copier widgets could have the same stream name (sname) as the ALH copier and in that case the copier->data is NULL, no alh_data is attached, which could lead to NULL pointer dereference. We could check for this NULL pointer in sof_ipc4_prepare_copier_module() and avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai() will miscalculate the ALH device count, causing broken audio. The correct fix is to harden the matching logic by making sure that the 1. widget is a DAI widget - so dai = w->private is valid 2. the dai (and thus the copier) is ALH copier

Reserved 2024-12-29 | Published 2025-03-27 | Updated 2025-05-04 | Assigner Linux

Product status

Default status

unaffected

a150345aa758492e05d2934f318ce7c2566b1cfe before 87c8768a96092ce75cd47fe076db5080db7ac515

affected

a150345aa758492e05d2934f318ce7c2566b1cfe before 93c6c2e5801aab09ef1ef99f248f3cd323c3f152

affected

a150345aa758492e05d2934f318ce7c2566b1cfe before 6fd60136d256b3b948333ebdb3835f41a95ab7ef

affected

Default status

affected

6.0

affected

Any version before 6.0

unaffected

6.12.17

unaffected

6.13.5

unaffected

6.14

unaffected

References

git.kernel.org/...c/87c8768a96092ce75cd47fe076db5080db7ac515

git.kernel.org/...c/93c6c2e5801aab09ef1ef99f248f3cd323c3f152

git.kernel.org/...c/6fd60136d256b3b948333ebdb3835f41a95ab7ef

cve.org (CVE-2025-21870)

nvd.nist.gov (CVE-2025-21870)

Download JSON

https://cve.threatint.eu/CVE/CVE-2025-21870

Support options

Helpdesk Chat, Email, Knowledgebase