{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-52904","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-08-21T06:07:11.014Z","datePublished":"2024-08-21T06:10:44.960Z","dateUpdated":"2025-05-04T07:45:43.772Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T07:45:43.772Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()\n\nThe subs function argument may be NULL, so do not use it before the NULL check."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["sound/usb/pcm.c"],"versions":[{"version":"bfd36b1d1869859af7ba94dc95ec05e74f40d0b7","lessThan":"f57204edc10760c935d8d36ea999dc8acf018030","status":"affected","versionType":"git"},{"version":"e1e0a181aea375edfae2f9a59070f95d904980d1","lessThan":"a474d4ad59cd4642d1b7e3a6c08cef9eca0992c8","status":"affected","versionType":"git"},{"version":"291e9da91403e0e628d7692b5ed505100e7b7706","lessThan":"92a9c0ad86d47ff4cce899012e355c400f02cfb8","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["sound/usb/pcm.c"],"versions":[{"version":"5.15.152","lessThan":"5.15.168","status":"affected","versionType":"semver"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.152","versionEndExcluding":"5.15.168"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/f57204edc10760c935d8d36ea999dc8acf018030"},{"url":"https://git.kernel.org/stable/c/a474d4ad59cd4642d1b7e3a6c08cef9eca0992c8"},{"url":"https://git.kernel.org/stable/c/92a9c0ad86d47ff4cce899012e355c400f02cfb8"}],"title":"ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2023-52904","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-09-10T16:03:17.931881Z"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-12T17:33:17.251Z"}}]}}