{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41037", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-07-12T12:17:45.620Z", "datePublished": "2024-07-29T14:31:51.501Z", "dateUpdated": "2025-05-04T09:20:39.404Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:20:39.404Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda: fix null deref on system suspend entry\n\nWhen system enters suspend with an active stream, SOF core\ncalls hw_params_upon_resume(). On Intel platforms with HDA DMA used\nto manage the link DMA, this leads to call chain of\n\n hda_dsp_set_hw_params_upon_resume()\n -> hda_dsp_dais_suspend()\n -> hda_dai_suspend()\n -> hda_ipc4_post_trigger()\n\nA bug is hit in hda_dai_suspend() as hda_link_dma_cleanup() is run first,\nwhich clears hext_stream->link_substream, and then hda_ipc4_post_trigger()\nis called with a NULL snd_pcm_substream pointer."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/soc/sof/intel/hda-dai.c"], "versions": [{"version": "2b009fa0823c1510700fd17a0780ddd06a460fb4", "lessThan": "8246bbf818ed7b8d5afc92b951e6d562b45c2450", "status": "affected", "versionType": "git"}, {"version": "2b009fa0823c1510700fd17a0780ddd06a460fb4", "lessThan": "993af0f2d9f24e3c18a445ae22b34190d1fcad61", "status": "affected", "versionType": "git"}, {"version": "2b009fa0823c1510700fd17a0780ddd06a460fb4", "lessThan": "9065693dcc13f287b9e4991f43aee70cf5538fdd", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/soc/sof/intel/hda-dai.c"], "versions": [{"version": "6.4", "status": "affected"}, {"version": "0", "lessThan": "6.4", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.41", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9.10", "lessThanOrEqual": "6.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.10", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.6.41"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.9.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4", "versionEndExcluding": "6.10"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/8246bbf818ed7b8d5afc92b951e6d562b45c2450"}, {"url": "https://git.kernel.org/stable/c/993af0f2d9f24e3c18a445ae22b34190d1fcad61"}, {"url": "https://git.kernel.org/stable/c/9065693dcc13f287b9e4991f43aee70cf5538fdd"}], "title": "ASoC: SOF: Intel: hda: fix null deref on system suspend entry", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:56.066Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8246bbf818ed7b8d5afc92b951e6d562b45c2450", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/993af0f2d9f24e3c18a445ae22b34190d1fcad61", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9065693dcc13f287b9e4991f43aee70cf5538fdd", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41037", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:23:26.833410Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:03.339Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8246bbf818ed7b8d5afc92b951e6d562b45c2450", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/993af0f2d9f24e3c18a445ae22b34190d1fcad61", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9065693dcc13f287b9e4991f43aee70cf5538fdd", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:39:56.066Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41037", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T16:23:26.833410Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:20.387Z"}}], "cna": {"title": "ASoC: SOF: Intel: hda: fix null deref on system suspend entry", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2b009fa0823c1510700fd17a0780ddd06a460fb4", "lessThan": "8246bbf818ed7b8d5afc92b951e6d562b45c2450", "versionType": "git"}, {"status": "affected", "version": "2b009fa0823c1510700fd17a0780ddd06a460fb4", "lessThan": "993af0f2d9f24e3c18a445ae22b34190d1fcad61", "versionType": "git"}, {"status": "affected", "version": "2b009fa0823c1510700fd17a0780ddd06a460fb4", "lessThan": "9065693dcc13f287b9e4991f43aee70cf5538fdd", "versionType": "git"}], "programFiles": ["sound/soc/sof/intel/hda-dai.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.4"}, {"status": "unaffected", "version": "0", "lessThan": "6.4", "versionType": "semver"}, {"status": "unaffected", "version": "6.6.41", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.9.10", "versionType": "semver", "lessThanOrEqual": "6.9.*"}, {"status": "unaffected", "version": "6.10", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["sound/soc/sof/intel/hda-dai.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/8246bbf818ed7b8d5afc92b951e6d562b45c2450"}, {"url": "https://git.kernel.org/stable/c/993af0f2d9f24e3c18a445ae22b34190d1fcad61"}, {"url": "https://git.kernel.org/stable/c/9065693dcc13f287b9e4991f43aee70cf5538fdd"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda: fix null deref on system suspend entry\n\nWhen system enters suspend with an active stream, SOF core\ncalls hw_params_upon_resume(). On Intel platforms with HDA DMA used\nto manage the link DMA, this leads to call chain of\n\n hda_dsp_set_hw_params_upon_resume()\n -> hda_dsp_dais_suspend()\n -> hda_dai_suspend()\n -> hda_ipc4_post_trigger()\n\nA bug is hit in hda_dai_suspend() as hda_link_dma_cleanup() is run first,\nwhich clears hext_stream->link_substream, and then hda_ipc4_post_trigger()\nis called with a NULL snd_pcm_substream pointer."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T09:10:34.343Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41037", "state": "PUBLISHED", "dateUpdated": "2024-12-19T09:10:34.343Z", "dateReserved": "2024-07-12T12:17:45.620Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-07-29T14:31:51.501Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "27E794A4-18EA-4EBB-9EC1-DCA36044ECB4", "versionEndExcluding": "6.6.41", "versionStartIncluding": "6.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB2E8DEC-CFD5-4C2B-981D-E7E45A36C352", "versionEndExcluding": "6.9.10", "versionStartIncluding": "6.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda: fix null deref on system suspend entry\n\nWhen system enters suspend with an active stream, SOF core\ncalls hw_params_upon_resume(). On Intel platforms with HDA DMA used\nto manage the link DMA, this leads to call chain of\n\n hda_dsp_set_hw_params_upon_resume()\n -> hda_dsp_dais_suspend()\n -> hda_dai_suspend()\n -> hda_ipc4_post_trigger()\n\nA bug is hit in hda_dai_suspend() as hda_link_dma_cleanup() is run first,\nwhich clears hext_stream->link_substream, and then hda_ipc4_post_trigger()\nis called with a NULL snd_pcm_substream pointer."}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: ASoC: SOF: Intel: hda: corrige el deref nulo en la entrada de suspensi\u00f3n del sistema Cuando el sistema entra en suspensi\u00f3n con una secuencia activa, el n\u00facleo de SOF llama a hw_params_upon_resume(). En las plataformas Intel con HDA DMA utilizado para administrar el enlace DMA, esto conduce a la cadena de llamadas de hda_dsp_set_hw_params_upon_resume() -> hda_dsp_dais_suspend() -> hda_dai_suspend() -> hda_ipc4_post_trigger() Se detecta un error en hda_dai_suspend() como hda_link_dma_cleanup() ejecutar primero, lo que borra hext_stream->link_substream, y luego se llama a hda_ipc4_post_trigger() con un puntero NULL snd_pcm_substream."}], "id": "CVE-2024-41037", "lastModified": "2024-11-21T09:32:06.820", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2024-07-29T15:15:12.240", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8246bbf818ed7b8d5afc92b951e6d562b45c2450"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9065693dcc13f287b9e4991f43aee70cf5538fdd"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/993af0f2d9f24e3c18a445ae22b34190d1fcad61"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8246bbf818ed7b8d5afc92b951e6d562b45c2450"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9065693dcc13f287b9e4991f43aee70cf5538fdd"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/993af0f2d9f24e3c18a445ae22b34190d1fcad61"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: ASoC: SOF: Intel: hda: fix null deref on system suspend entry", "id": "2300405", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300405"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nASoC: SOF: Intel: hda: fix null deref on system suspend entry\nWhen system enters suspend with an active stream, SOF core\ncalls hw_params_upon_resume(). On Intel platforms with HDA DMA used\nto manage the link DMA, this leads to call chain of\nhda_dsp_set_hw_params_upon_resume()\n-> hda_dsp_dais_suspend()\n-> hda_dai_suspend()\n-> hda_ipc4_post_trigger()\nA bug is hit in hda_dai_suspend() as hda_link_dma_cleanup() is run first,\nwhich clears hext_stream->link_substream, and then hda_ipc4_post_trigger()\nis called with a NULL snd_pcm_substream pointer.", "A vulnerability was found in the Linux kernel, affecting Intel platforms using HDA DMA to manage the link DMA. When the system enters a suspend mode with an active stream, it can trigger a chain of function calls including hda_dai_suspend(), which calls the function hda_link_dma_cleanup() that clears the hext_stream->link_substream. However, afterwards the hda_ipc4_post_trigger() function is called and attempts to use the now-cleared snd_pcm_susbtream pointer, causing a NULL pointer dereference, potentially leading to system instability."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-41037", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-07-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-41037\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-41037\nhttps://lore.kernel.org/linux-cve-announce/2024072923-CVE-2024-41037-84b8@gregkh/T"], "threat_severity": "Moderate"}