CVE-2024-50104

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Nov 5, 2024
Updated: Nov 12, 2024
CWE ID 476

Summary

[#1] CVE-2024-50104 is a kernel vulnerability in the Linux soundwire driver for Qualcomm SoCs, specifically in the sdm845 soundcard driver. The issue arises due to the omission of Soundwire runtime stream allocation during the transition from Qualcomm Soundwire controller to SoC soundcard drivers. As a result, any attempt to playback audio or start an audio daemon will result in a NULL dereference, leading to a kernel panic. The vulnerability was discovered during the migration process and can potentially affect systems using the sdm845 soundcard driver.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share