CVE-2023-54233

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

30/12/2025

Last modified:

31/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .module_info field won&#39;t be set, then sof_ipc4_route_setup() will cause a kernel Oops trying to dereference it. Add a check for such cases.

Impact

References to Advisories, Solutions, and Tools

https://git.kernel.org/stable/c/170818974e9732506195c6302743856cc8bdfd6f
https://git.kernel.org/stable/c/e3720f92e0237921da537e47a0b24e27899203f8