CVE-2023-52674
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/05/2024
Last modified:
07/04/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put()<br />
<br />
Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and<br />
SCARLETT2_MIXER_MAX_VALUE so we don&#39;t attempt to access outside<br />
scarlett2_mixer_values[].
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.4 (including) | 5.15.148 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.75 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.14 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.7.2 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/03035872e17897ba89866940bbc9cefca601e572
- https://git.kernel.org/stable/c/04f8f053252b86c7583895c962d66747ecdc61b7
- https://git.kernel.org/stable/c/ad945ea8d47dd4454c271510bea24850119847c2
- https://git.kernel.org/stable/c/d8d8897d65061cbe36bf2909057338303a904810
- https://git.kernel.org/stable/c/e517645ead5ea22c69d2a44694baa23fe1ce7c2b
- https://git.kernel.org/stable/c/03035872e17897ba89866940bbc9cefca601e572
- https://git.kernel.org/stable/c/04f8f053252b86c7583895c962d66747ecdc61b7
- https://git.kernel.org/stable/c/ad945ea8d47dd4454c271510bea24850119847c2
- https://git.kernel.org/stable/c/d8d8897d65061cbe36bf2909057338303a904810
- https://git.kernel.org/stable/c/e517645ead5ea22c69d2a44694baa23fe1ce7c2b