VYPR
Unrated severityNVD Advisory· Published Dec 9, 2025· Updated Apr 15, 2026

CVE-2023-53788

CVE-2023-53788

Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()

tuning_ctl_set() might have buffer overrun at (X) if it didn't break from loop by matching (A).

static int tuning_ctl_set(...) { for (i = 0; i < TUNING_CTLS_COUNT; i++) (A) if (nid == ca0132_tuning_ctls[i].nid) break;

snd_hda_power_up(...); (X) dspio_set_param(..., ca0132_tuning_ctls[i].mid, ...); snd_hda_power_down(...); ^

return 1; }

We will get below error by cppcheck

sound/pci/hda/patch_ca0132.c:4229:2: note: After for loop, i has value 12 for (i = 0; i < TUNING_CTLS_COUNT; i++) ^ sound/pci/hda/patch_ca0132.c:4234:43: note: Array index out of bounds dspio_set_param(codec, ca0132_tuning_ctls[i].mid, 0x20, ^ This patch cares non match case.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

84

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.