CVE-2024-40964: ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind() (!4730) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

CKI Backport Bot requested to merge redhat/red-hat-ci-tools/kernel/bot-branches/centos-stream-9:backport-RHEL-48198-centos-stream-9-main into main Jul 15, 2024

JIRA: https://issues.redhat.com/browse/RHEL-48198
CVE: CVE-2024-40964

ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind()

The cs35l41_hda_unbind() function clears the hda_component entry
matching it's index and then dereferences the codec pointer held in the
first element of the hda_component array, this is an issue when the
device index was 0.

Instead use the codec pointer stashed in the cs35l41_hda structure as it
will still be valid.

Fixes: 7cf5ce66dfda ("ALSA: hda: cs35l41: Add device_link between HDA and cs35l41_hda")
Signed-off-by: Simon Trimmer <simont@opensource.cirrus.com>
Link: https://lore.kernel.org/r/20240531120820.35367-1-simont@opensource.cirrus.com
Signed-off-by: Takashi Iwai <tiwai@suse.de>
(cherry picked from commit 6386682cdc8b41319c92fbbe421953e33a28840c)

Signed-off-by: CKI Backport Bot cki-ci-bot+cki-gitlab-backport-bot@redhat.com

CVE-2024-40964: ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind()

Merge request reports