mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
986 B
986 B
CVE-2024-42237
Description
In the Linux kernel, the following vulnerability has been resolved:firmware: cs_dsp: Validate payload length before processing blockMove the payload length check in cs_dsp_load() and cs_dsp_coeff_load()to be done before the block is processed.The check that the length of a block payload does not exceed the numberof remaining bytes in the firwmware file buffer was being done near theend of the loop iteration. However, some code before that check used thelength field without validating it.
POC
Reference
No PoCs from references.