CVE-2023-52904

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52904
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52904.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-52904
Downstream
Related
Published
2024-08-21T06:10:44Z
Modified
2025-10-21T15:37:12.271534Z
Summary
ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()
Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Fix possible NULL pointer dereference in sndusbpcmhasfixed_rate()

The subs function argument may be NULL, so do not use it before the NULL check.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
bfd36b1d1869859af7ba94dc95ec05e74f40d0b7
Fixed
f57204edc10760c935d8d36ea999dc8acf018030
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e1e0a181aea375edfae2f9a59070f95d904980d1
Fixed
a474d4ad59cd4642d1b7e3a6c08cef9eca0992c8
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
291e9da91403e0e628d7692b5ed505100e7b7706
Fixed
92a9c0ad86d47ff4cce899012e355c400f02cfb8

Affected versions

v5.*

v5.15.152
v5.15.153
v5.15.154
v5.15.155
v5.15.156
v5.15.157
v5.15.158
v5.15.159
v5.15.160
v5.15.161
v5.15.162
v5.15.163
v5.15.164
v5.15.165
v5.15.166
v5.15.167

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.152
Fixed
5.15.168