CVE-2023-54245
Slab-Out-of-Bounds in Linux ASoC tx-macro Codec

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds

When we run syzkaller we get the out-of-bounds report below.
"KASAN: slab-out-of-bounds Read in regcache_flat_read"

Below is the backtrace of the issue:

    dump_backtrace+0x0/0x4c8
    show_stack+0x34/0x44
    dump_stack_lvl+0xd8/0x118
    print_address_description+0x30/0x2d8
    kasan_report+0x158/0x198
    __asan_report_load4_noabort+0x44/0x50
    regcache_flat_read+0x10c/0x110
    regcache_read+0xf4/0x180
    _regmap_read+0xc4/0x278
    _regmap_update_bits+0x130/0x290
    regmap_update_bits_base+0xc0/0x15c
    snd_soc_component_update_bits+0xa8/0x22c
    snd_soc_component_write_field+0x68/0xd4
    tx_macro_digital_mute+0xec/0x140

Actually there is no need to have decimator with 32 bits. By limiting the variable with short type u8 the issue is resolved.

Meta Information
Published: 2025-12-30
Last Modified: 2025-12-30
Generated: 2026-05-06
AI Q&A: 2025-12-30
EPSS Evaluated: 2026-05-05

Affected Vendors & Products
Showing 1 associated CPE
Vendor: linux, Product: kernel, Version / Range: *

CWE ID: CWE-UNKNOWN

AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a slab-out-of-bounds read in the Linux kernel's ASoC codec driver for tx-macro. KASAN reports the read in the function regcache_flat_read, reached through tx_macro_digital_mute in the quoted backtrace, where memory beyond the allocated slab object is accessed. The issue was triggered during testing with syzkaller and is tied to the decimator variable being 32 bits wide where an 8-bit type (u8) suffices. The fix limits that variable to u8 to prevent the out-of-bounds access.


How can this vulnerability impact me?

This vulnerability can lead to out-of-bounds memory reads in the Linux kernel, which may cause system instability, crashes, or potentially expose sensitive kernel memory contents. Such memory errors can be exploited to compromise system security or cause denial of service.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by running the syzkaller fuzzer, which triggers the KASAN slab-out-of-bounds error in the regcache_flat_read function. The detection involves observing KASAN reports with backtraces similar to the one described, indicating out-of-bounds reads. Specific commands are not provided in the available information.
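
One way to look for the report described above in a captured kernel log, as an added example that is not from the original page or the kernel project: it groups KASAN reports with their backtrace frames and flags those matching this page's signature. The log layout, the timestamps and the names SAMPLE_LOG, kasan_reports and matches_tx_macro_report are assumptions made for the illustration.

```python
import re

# Constructed sample log, modelled on the report and backtrace quoted in the
# description; timestamps and the unrelated second report are made up.
SAMPLE_LOG = """\
[  101.000001] BUG: KASAN: slab-out-of-bounds in regcache_flat_read+0x10c/0x110
[  101.000002] Read of size 4 at addr ffff000000000000 by task syz-executor/1234
[  101.000003] Call trace:
[  101.000004]  dump_backtrace+0x0/0x4c8
[  101.000005]  kasan_report+0x158/0x198
[  101.000006]  regcache_flat_read+0x10c/0x110
[  101.000007]  regmap_update_bits_base+0xc0/0x15c
[  101.000008]  snd_soc_component_write_field+0x68/0xd4
[  101.000009]  tx_macro_digital_mute+0xec/0x140
[  202.000001] BUG: KASAN: use-after-free in example_other_func+0x10/0x20
[  202.000002] Call trace:
[  202.000003]  example_other_func+0x10/0x20
"""

HEADER = re.compile(r"BUG: KASAN: (?P<kind>[\w-]+) in (?P<func>[\w.]+)\+0x")
FRAME = re.compile(r"^\s*(?:\[[\s\d.]+\])?\s*(?P<func>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")

def kasan_reports(log_text):
    """Split a kernel log into KASAN reports: kind, faulting function, frames."""
    reports = []
    for line in log_text.splitlines():
        header = HEADER.search(line)
        if header:
            reports.append({"kind": header["kind"], "func": header["func"], "frames": []})
        elif reports:
            frame = FRAME.match(line)
            if frame:
                reports[-1]["frames"].append(frame["func"])
    return reports

def matches_tx_macro_report(report):
    """True for the signature on this page: a slab-out-of-bounds access in
    regcache_flat_read reached through tx_macro_digital_mute."""
    return (report["kind"] == "slab-out-of-bounds"
            and report["func"] == "regcache_flat_read"
            and "tx_macro_digital_mute" in report["frames"])

if __name__ == "__main__":
    for r in filter(matches_tx_macro_report, kasan_reports(SAMPLE_LOG)):
        print("match:", r["kind"], "in", r["func"], "via", " <- ".join(r["frames"]))
```

A match only shows that a KASAN-enabled kernel hit this path; a kernel built without KASAN produces no such report.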


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves applying the fix that limits the decimator variable to the u8 type, which prevents the out-of-bounds access in the tx-macro codec. Since this is a kernel vulnerability, updating the Linux kernel to a version that includes this fix is recommended.

