Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

CVE-2024-38605

Disclosure Date: June 19, 2024 •

CVE-2024-38605

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: core: Fix NULL module pointer assignment at card init

The commit 81033c6b584b (“ALSA: core: Warn on empty module”)
introduced a WARN_ON() for a NULL module pointer passed at snd_card
object creation, and it also wraps the code around it with ‘#ifdef
MODULE’. This works in most cases, but the devils are always in
details. “MODULE” is defined when the target code (i.e. the sound
core) is built as a module; but this doesn’t mean that the caller is
also built-in or not. Namely, when only the sound core is built-in
(CONFIG_SND=y) while the driver is a module (CONFIG_SND_USB_AUDIO=m),
the passed module pointer is ignored even if it’s non-NULL, and
card->module remains as NULL. This would result in the missing module
reference up/down at the device open/close, leading to a race with the
code execution after the module removal.

For addressing the bug, move the assignment of card->module again out
of ifdef. The WARN_ON() is still wrapped with ifdef because the
module can be really NULL when all sound drivers are built-in.

Note that we keep ‘ifdef MODULE’ for WARN_ON(), otherwise it would
lead to a false-positive NULL module check. Admittedly it won’t catch
perfectly, i.e. no check is performed when CONFIG_SND=y. But, it’s no
real problem as it’s only for debugging, and the condition is pretty
rare.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Unknown

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

Vendors

Linux

Products

Linux

References

Canonical

CVE-2024-38605 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38605)

Miscellaneous

https://git.kernel.org/stable/c/d7ff29a429b56f04783152ad7bbd7233b740e434

https://git.kernel.org/stable/c/e7e0ca200772bdb2fdc6d43d32d341e87a36f811

https://git.kernel.org/stable/c/e007476725730c1a68387b54b7629486d8a8301e

https://git.kernel.org/stable/c/e644036a3e2b2c9b3eee3c61b5d31c2ca8b5ba92

https://git.kernel.org/stable/c/c935e72139e6d523defd60fe875c01eb1f9ea5c5

https://git.kernel.org/stable/c/6b8374ee2cabcf034faa34e69a855dc496a9ec12

https://git.kernel.org/stable/c/39381fe7394e5eafac76e7e9367e7351138a29c1

Rapid7

Unknown

CVE-2024-38605

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-38605

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2024-38605

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-38605

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification