VYPR
Unrated severityNVD Advisory· Published Aug 7, 2024· Updated Nov 3, 2025

firmware: cs_dsp: Validate payload length before processing block

CVE-2024-42237

Description

In the Linux kernel, the following vulnerability has been resolved:

firmware: cs_dsp: Validate payload length before processing block

Move the payload length check in cs_dsp_load() and cs_dsp_coeff_load() to be done before the block is processed.

The check that the length of a block payload does not exceed the number of remaining bytes in the firwmware file buffer was being done near the end of the loop iteration. However, some code before that check used the length field without validating it.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

137

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.