Description
In the Linux kernel, the following vulnerability has been resolved: ALSA: wavefront: Fix integer overflow in sample size validation The wavefront_send_sample() function has an integer overflow issue when validating sample size. The header->size field is u32 but gets cast to int for comparison with dev->freemem Fix by using unsigned comparison to avoid integer overflow.
Product status
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 488bf86d60077f52810c60dbdf7468c277880167
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before d2f5d8cf1eadb7b33e476f59aa9c6653e4f2b937
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 4f811071e702fbb74933526e2fbadf8c4ed0c0c4
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 02b63f3bc29265bd9e83191792d200ed563acacf
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 5588b7c86effffa9bb55383a38800649d7b40778
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before bca11de0a277b8baeb7d006f93b543c907b6e782
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 1823e08f76c68b9e1d26f6d5ef831b96f61a62a0
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 0c4a13ba88594fd4a27292853e736c6b4349823d
2.6.12
Any version before 2.6.12
5.10.248 (semver)
5.15.198 (semver)
6.1.160 (semver)
6.6.120 (semver)
6.12.63 (semver)
6.17.13 (semver)
6.18.2 (semver)
6.19 (original_commit_for_fix)
References
git.kernel.org/...c/488bf86d60077f52810c60dbdf7468c277880167
git.kernel.org/...c/d2f5d8cf1eadb7b33e476f59aa9c6653e4f2b937
git.kernel.org/...c/4f811071e702fbb74933526e2fbadf8c4ed0c0c4
git.kernel.org/...c/02b63f3bc29265bd9e83191792d200ed563acacf
git.kernel.org/...c/5588b7c86effffa9bb55383a38800649d7b40778
git.kernel.org/...c/bca11de0a277b8baeb7d006f93b543c907b6e782
git.kernel.org/...c/1823e08f76c68b9e1d26f6d5ef831b96f61a62a0
git.kernel.org/...c/0c4a13ba88594fd4a27292853e736c6b4349823d