2024-04-28 11:27:56
Linux
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved:

ASoC: SOF: Add some bounds checking to firmware data

Smatch complains about "head->full_size - head->header_size" can underflow. To some extent, we're always going to have to trust the firmware a bit. However, it's easy enough to add a check for negatives, and let's add an upper bounds check as well.
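The check described above, sketched as an added example (not the kernel's code and not part of the original record). The struct layout, the function names and the choice of the blob size as the upper bound are assumptions; only the two field names come from the description.

```c
#include <errno.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical header layout; only the two field names come from the record. */
struct fw_ext_header {
    uint32_t full_size;   /* header plus the data that follows it */
    uint32_t header_size; /* size of the header alone */
};

/* Returns the number of bytes following the header, or -EINVAL if the
 * firmware-supplied sizes are inconsistent with each other or with the blob. */
int64_t fw_ext_payload_len(const uint8_t *blob, size_t blob_size)
{
    struct fw_ext_header head;
    int64_t remaining;

    if (blob == NULL || blob_size < sizeof(head))
        return -EINVAL;
    memcpy(&head, blob, sizeof(head)); /* blob may not be aligned */

    /* Subtract in a wider signed type. In uint32_t arithmetic,
     * 8 - 40 wraps to 0xFFFFFFE0 and would pass as a huge length. */
    remaining = (int64_t)head.full_size - (int64_t)head.header_size;
    if (remaining < 0)
        return -EINVAL;
    /* Upper bound (assumed here): the region must fit inside the blob. */
    if (head.full_size > blob_size)
        return -EINVAL;
    return remaining;
}

/* Constructed sample input: a zeroed 64-byte blob carrying the given header. */
int64_t check_sample(uint32_t full_size, uint32_t header_size)
{
    uint8_t blob[64] = {0};
    struct fw_ext_header head = { full_size, header_size };

    memcpy(blob, &head, sizeof(head));
    return fw_ext_payload_len(blob, sizeof(blob));
}

int main(void)
{
    printf("valid:     %" PRId64 "\n", check_sample(40, 8));
    printf("underflow: %" PRId64 "\n", check_sample(8, 40));
    printf("oversized: %" PRId64 "\n", check_sample(4096, 8));
    return 0;
}
```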