{"dataType":"CVE_RECORD","cveMetadata":{"cveId":"CVE-2024-27436","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-25T13:47:42.687Z","datePublished":"2024-05-17T12:12:40.017Z","dateUpdated":"2026-05-12T11:51:39.195Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T20:10:46.477Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Stop parsing channels bits when all channels are found.\n\nIf a usb audio device sets more bits than the amount of channels\nit could write outside of the map array."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["sound/usb/stream.c"],"versions":[{"version":"04324ccc75f96b3ed7aad1c866d1b7925e977bdf","lessThan":"7e2c1b0f6dd9abde9e60f0f9730026714468770f","status":"affected","versionType":"git"},{"version":"04324ccc75f96b3ed7aad1c866d1b7925e977bdf","lessThan":"6d5dc96b154be371df0d62ecb07efe400701ed8a","status":"affected","versionType":"git"},{"version":"04324ccc75f96b3ed7aad1c866d1b7925e977bdf","lessThan":"5cd466673b34bac369334f66cbe14bb77b7d7827","status":"affected","versionType":"git"},{"version":"04324ccc75f96b3ed7aad1c866d1b7925e977bdf","lessThan":"9af1658ba293458ca6a13f70637b9654fa4be064","status":"affected","versionType":"git"},{"version":"04324ccc75f96b3ed7aad1c866d1b7925e977bdf","lessThan":"629af0d5fe94a35f498ba2c3f19bd78bfa591be6","status":"affected","versionType":"git"},{"version":"04324ccc75f96b3ed7aad1c866d1b7925e977bdf","lessThan":"22cad1b841a63635a38273b799b4791f202ade72","status":"affected","versionType":"git"},{"version":"04324ccc75f96b3ed7aad1c866d1b7925e977bdf","lessThan":"c8a24fd281dcdf3c926413dafbafcf35cde517a9","status":"affected","versionType":"git"},{"version":"04324ccc75f96b3ed7aad1c866d1b7925e977bdf","lessThan":"6d88b289fb0a8d055cb79d1c46a56aba7809d96d","status":"affected","versionType":"git"},{"version":"04324ccc75f96b3ed7aad1c866d1b7925e977bdf","lessThan":"a39d51ff1f52cd0b6fe7d379ac93bd8b4237d1b7","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["sound/usb/stream.c"],"versions":[{"version":"3.8","status":"affected"},{"version":"0","lessThan":"3.8","status":"unaffected","versionType":"semver"},{"version":"4.19.311","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.273","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.214","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.153","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.83","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.23","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.7.11","lessThanOrEqual":"6.7.*","status":"unaffected","versionType":"semver"},{"version":"6.8.2","lessThanOrEqual":"6.8.*","status":"unaffected","versionType":"semver"},{"version":"6.9","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"4.19.311"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"5.4.273"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"5.10.214"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"5.15.153"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"6.1.83"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"6.6.23"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"6.7.11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"6.8.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"6.9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/7e2c1b0f6dd9abde9e60f0f9730026714468770f"},{"url":"https://git.kernel.org/stable/c/6d5dc96b154be371df0d62ecb07efe400701ed8a"},{"url":"https://git.kernel.org/stable/c/5cd466673b34bac369334f66cbe14bb77b7d7827"},{"url":"https://git.kernel.org/stable/c/9af1658ba293458ca6a13f70637b9654fa4be064"},{"url":"https://git.kernel.org/stable/c/629af0d5fe94a35f498ba2c3f19bd78bfa591be6"},{"url":"https://git.kernel.org/stable/c/22cad1b841a63635a38273b799b4791f202ade72"},{"url":"https://git.kernel.org/stable/c/c8a24fd281dcdf3c926413dafbafcf35cde517a9"},{"url":"https://git.kernel.org/stable/c/6d88b289fb0a8d055cb79d1c46a56aba7809d96d"},{"url":"https://git.kernel.org/stable/c/a39d51ff1f52cd0b6fe7d379ac93bd8b4237d1b7"}],"title":"ALSA: usb-audio: Stop parsing channels bits when all channels are found.","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-787","lang":"en","description":"CWE-787 Out-of-bounds Write"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.3,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","integrityImpact":"NONE","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"LOW","privilegesRequired":"NONE","confidentialityImpact":"NONE"}},{"other":{"type":"ssvc","content":{"timestamp":"2024-05-21T15:45:09.433584Z","id":"CVE-2024-27436","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-11-07T20:20:17.657Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T00:34:52.266Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/7e2c1b0f6dd9abde9e60f0f9730026714468770f","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/6d5dc96b154be371df0d62ecb07efe400701ed8a","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/5cd466673b34bac369334f66cbe14bb77b7d7827","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/9af1658ba293458ca6a13f70637b9654fa4be064","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/629af0d5fe94a35f498ba2c3f19bd78bfa591be6","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/22cad1b841a63635a38273b799b4791f202ade72","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/c8a24fd281dcdf3c926413dafbafcf35cde517a9","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/6d88b289fb0a8d055cb79d1c46a56aba7809d96d","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/a39d51ff1f52cd0b6fe7d379ac93bd8b4237d1b7","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html","tags":["x_transferred"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html","tags":["x_transferred"]}]},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-05-12T11:51:39.195Z"},"affected":[{"vendor":"Siemens","product":"SIMATIC S7-1500 TM MFP - GNU/Linux subsystem","versions":[{"status":"affected","version":"0","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-265688.html"}]}]},"dataVersion":"5.2"}