{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T03:05:03.120","vulnerabilities":[{"cve":{"id":"CVE-2024-39473","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-07-05T07:15:10.123","lastModified":"2024-11-21T09:27:44.437","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension\n\nIf a process module does not have base config extension then the same\nformat applies to all of it's inputs and the process->base_config_ext is\nNULL, causing NULL dereference when specifically crafted topology and\nsequences used."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: SOF: ipc4-topology: arregla la consulta de formato de entrada de módulos de proceso sin extensión base. Si un módulo de proceso no tiene extensión de configuración base, entonces se aplica el mismo formato a todas sus entradas. y el proceso->base_config_ext es NULL, lo que provoca una desreferencia NULL cuando se utilizan secuencias y topologías manipuladas específicamente."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.4","matchCriteriaId":"18D12E25-2947-44E7-989D-24450E013A1F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.6.34","matchCriteriaId":"AC0C6E24-8240-425A-BD1A-F78E6D3A67FC"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.9.5","matchCriteriaId":"54EDFD02-25E6-4BC8-9AD0-0A59881F400A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*","matchCriteriaId":"C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Mailing List","Patch"]},{"url":"https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Mailing List","Patch"]},{"url":"https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Mailing List","Patch"]},{"url":"https://git.kernel.org/stable/c/9e16f17a2a0e97b43538b272e7071537a3e03368","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://git.kernel.org/stable/c/e3ae00ee238bce6cfa5ad935c921181c14d18fd6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]},{"url":"https://git.kernel.org/stable/c/ffa077b2f6ad124ec3d23fbddc5e4b0ff2647af8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]}]}}]}