CVE & CISA-KEV Catalog

CVE-2024-50104

MEDIUM
5.5
CVSS v3
NVD

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sdm845: add missing soundwire runtime stream alloc During the migration of Soundwire runtime stream allocation from the Qualcomm Soundwire controller to SoC's soundcard drivers the sdm845 soundcard was forgotten. At this point any playback attempt or audio daemon startup, for instance on sdm845-db845c (Qualcomm RB3 board), will result in stream pointer NULL dereference: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020 Mem abort info: ESR = 0x0000000096000004 EC = 0x25: DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 FSC = 0x04: level 0 translation fault Data abort info: ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000 CM = 0, WnR = 0, TnD = 0, TagAccess = 0 GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 user pgtable: 4k pages, 48-bit VAs, pgdp=0000000101ecf000 [0000000000000020] pgd=0000000000000000, p4d=0000000000000000 Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP Modules linked in: ... CPU: 5 UID: 0 PID: 1198 Comm: aplay Not tainted 6.12.0-rc2-qcomlt-arm64-00059-g9d78f315a362-dirty #18 Hardware name: Thundercomm Dragonboard 845c (DT) pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : sdw_stream_add_slave+0x44/0x380 [soundwire_bus] lr : sdw_stream_add_slave+0x44/0x380 [soundwire_bus] sp : ffff80008a2035c0 x29: ffff80008a2035c0 x28: ffff80008a203978 x27: 0000000000000000 x26: 00000000000000c0 x25: 0000000000000000 x24: ffff1676025f4800 x23: ffff167600ff1cb8 x22: ffff167600ff1c98 x21: 0000000000000003 x20: ffff167607316000 x19: ffff167604e64e80 x18: 0000000000000000 x17: 0000000000000000 x16: ffffcec265074160 x15: 0000000000000000 x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 x8 : 0000000000000000 x7 : 0000000000000000 x6 : ffff167600ff1cec x5 : ffffcec22cfa2010 x4 : 0000000000000000 x3 : 0000000000000003 x2 : ffff167613f836c0 x1 : 0000000000000000 x0 : ffff16761feb60b8 Call trace: sdw_stream_add_slave+0x44/0x380 [soundwire_bus] wsa881x_hw_params+0x68/0x80 [snd_soc_wsa881x] snd_soc_dai_hw_params+0x3c/0xa4 __soc_pcm_hw_params+0x230/0x660 dpcm_be_dai_hw_params+0x1d0/0x3f8 dpcm_fe_dai_hw_params+0x98/0x268 snd_pcm_hw_params+0x124/0x460 snd_pcm_common_ioctl+0x998/0x16e8 snd_pcm_ioctl+0x34/0x58 __arm64_sys_ioctl+0xac/0xf8 invoke_syscall+0x48/0x104 el0_svc_common.constprop.0+0x40/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x34/0xe0 el0t_64_sync_handler+0x120/0x12c el0t_64_sync+0x190/0x194 Code: aa0403fb f9418400 9100e000 9400102f (f8420f22) ---[ end trace 0000000000000000 ]--- 0000000000006108 <sdw_stream_add_slave>: 6108: d503233f paciasp 610c: a9b97bfd stp x29, x30, [sp, #-112]! 6110: 910003fd mov x29, sp 6114: a90153f3 stp x19, x20, [sp, #16] 6118: a9025bf5 stp x21, x22, [sp, #32] 611c: aa0103f6 mov x22, x1 6120: 2a0303f5 mov w21, w3 6124: a90363f7 stp x23, x24, [sp, #48] 6128: aa0003f8 mov x24, x0 612c: aa0203f7 mov x23, x2 6130: a9046bf9 stp x25, x26, [sp, #64] 6134: aa0403f9 mov x25, x4 <-- x4 copied to x25 6138: a90573fb stp x27, x28, [sp, #80] 613c: aa0403fb mov x27, x4 6140: f9418400 ldr x0, [x0, #776] 6144: 9100e000 add x0, x0, #0x38 6148: 94000000 bl 0 <mutex_lock> 614c: f8420f22 ldr x2, [x25, #32]! <-- offset 0x44 ^^^ This is 0x6108 + offset 0x44 from the beginning of sdw_stream_add_slave() where data abort happens. wsa881x_hw_params() is called with stream = NULL and passes it further in register x4 (5th argu ---truncated---

How to fix

Remediation Available
linuxDebian
Fixed in:6.11.6-1CVE-2024-50104
Fixed in:6.11.6-1CVE-2024-50104
linuxUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-awsUbuntu
Fixed in:6.8.0-1027.29USN-7449-1
linux-aws-6.8Ubuntu
Fixed in:6.8.0-1027.29~22.04.1USN-7451-1
linux-azureUbuntu
Fixed in:6.8.0-1027.32USN-7449-1
linux-azure-6.8Ubuntu
Fixed in:6.8.0-1027.32~22.04.1USN-7449-1
linux-azure-nvidiaUbuntu
Fixed in:6.8.0-1014.15USN-7468-1
linux-gcpUbuntu
Fixed in:6.8.0-1028.30USN-7450-1
linux-gcp-6.8Ubuntu
Fixed in:6.8.0-1028.30~22.04.1USN-7452-1
linux-gkeUbuntu
Fixed in:6.8.0-1023.27USN-7450-1
linux-gkeopUbuntu
Fixed in:6.8.0-1010.12USN-7450-1
linux-hwe-6.8Ubuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-ibmUbuntu
Fixed in:6.8.0-1024.24USN-7449-1
linux-image-6.11.0-1015-oemUbuntu
Fixed in:6.11.0-1015.15USN-7310-1
linux-image-6.8.0-1010-gkeopUbuntu
Fixed in:6.8.0-1010.12USN-7450-1
linux-image-6.8.0-1014-azure-nvidiaUbuntu
Fixed in:6.8.0-1014.15USN-7468-1
linux-image-6.8.0-1023-gkeUbuntu
Fixed in:6.8.0-1023.27USN-7450-1
linux-image-6.8.0-1024-ibmUbuntu
Fixed in:6.8.0-1024.24USN-7449-1
linux-image-6.8.0-1024-oracleUbuntu
Fixed in:6.8.0-1024.25~22.04.1USN-7449-1
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-6.8.0-1024-oracle-64kUbuntu
Fixed in:6.8.0-1024.25~22.04.1USN-7449-1
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-6.8.0-1026-nvidiaUbuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
Fixed in:6.8.0-1026.29USN-7449-1
linux-image-6.8.0-1026-nvidia-64kUbuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
Fixed in:6.8.0-1026.29USN-7449-1
linux-image-6.8.0-1026-nvidia-lowlatencyUbuntu
Fixed in:6.8.0-1026.29.1USN-7449-1
linux-image-6.8.0-1026-nvidia-lowlatency-64kUbuntu
Fixed in:6.8.0-1026.29.1USN-7449-1
linux-image-6.8.0-1026-oemUbuntu
Fixed in:6.8.0-1026.26USN-7449-1
linux-image-6.8.0-1027-awsUbuntu
Fixed in:6.8.0-1027.29~22.04.1USN-7451-1
Fixed in:6.8.0-1027.29USN-7449-1
linux-image-6.8.0-1027-azureUbuntu
Fixed in:6.8.0-1027.32~22.04.1USN-7449-1
Fixed in:6.8.0-1027.32USN-7449-1
linux-image-6.8.0-1027-azure-fdeUbuntu
Fixed in:6.8.0-1027.32~22.04.1USN-7449-1
Fixed in:6.8.0-1027.32USN-7449-1
linux-image-6.8.0-1028-gcpUbuntu
Fixed in:6.8.0-1028.30~22.04.1USN-7452-1
Fixed in:6.8.0-1028.30USN-7450-1
linux-image-6.8.0-1028-gcp-64kUbuntu
Fixed in:6.8.0-1028.30~22.04.1USN-7452-1
Fixed in:6.8.0-1028.30USN-7450-1
linux-image-6.8.0-1028-raspiUbuntu
Fixed in:6.8.0-1028.32USN-7524-1
linux-image-6.8.0-2023-raspi-realtimeUbuntu
Fixed in:6.8.0-2023.24USN-7523-1
linux-image-6.8.0-58-genericUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
Fixed in:6.8.0-58.60+1USN-7449-1
linux-image-6.8.0-58-generic-64kUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
Fixed in:6.8.0-58.60+1USN-7449-1
linux-image-6.8.0-58-lowlatencyUbuntu
Fixed in:6.8.0-58.60.1~22.04.1USN-7449-1
Fixed in:6.8.0-58.60.1USN-7449-1
linux-image-6.8.0-58-lowlatency-64kUbuntu
Fixed in:6.8.0-58.60.1~22.04.1USN-7449-1
Fixed in:6.8.0-58.60.1USN-7449-1
linux-image-6.8.1-1020-realtimeUbuntu
Fixed in:6.8.1-1020.21USN-7453-1
linux-image-awsUbuntu
Fixed in:6.8.0-1027.29~22.04.1USN-7451-1
Fixed in:6.8.0-1027.29USN-7449-1
linux-image-aws-lts-24.04Ubuntu
Fixed in:6.8.0-1027.29USN-7449-1
linux-image-azureUbuntu
Fixed in:6.8.0-1027.32~22.04.1USN-7449-1
linux-image-azure-fdeUbuntu
Fixed in:6.8.0-1027.32~22.04.1USN-7449-1
linux-image-azure-fde-lts-24.04Ubuntu
Fixed in:6.8.0-1027.32USN-7449-1
linux-image-azure-lts-24.04Ubuntu
Fixed in:6.8.0-1027.32USN-7449-1
linux-image-azure-nvidiaUbuntu
Fixed in:6.8.0-1014.15USN-7468-1
linux-image-gcpUbuntu
Fixed in:6.8.0-1028.30~22.04.1USN-7452-1
linux-image-gcp-64kUbuntu
Fixed in:6.8.0-1028.30~22.04.1USN-7452-1
linux-image-gcp-64k-lts-24.04Ubuntu
Fixed in:6.8.0-1028.30USN-7450-1
linux-image-gcp-lts-24.04Ubuntu
Fixed in:6.8.0-1028.30USN-7450-1
linux-image-genericUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-image-generic-64kUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-image-generic-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-generic-hwe-22.04Ubuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-generic-lpaeUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-image-gkeUbuntu
Fixed in:6.8.0-1023.27USN-7450-1
linux-image-gkeopUbuntu
Fixed in:6.8.0-1010.12USN-7450-1
linux-image-gkeop-6.8Ubuntu
Fixed in:6.8.0-1010.12USN-7450-1
linux-image-ibmUbuntu
Fixed in:6.8.0-1024.24USN-7449-1
linux-image-ibm-classicUbuntu
Fixed in:6.8.0-1024.24USN-7449-1
linux-image-ibm-lts-24.04Ubuntu
Fixed in:6.8.0-1024.24USN-7449-1
linux-image-kvmUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-image-lowlatencyUbuntu
Fixed in:6.8.0-58.60.1USN-7449-1
linux-image-lowlatency-64kUbuntu
Fixed in:6.8.0-58.60.1USN-7449-1
linux-image-lowlatency-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-58.60.1~22.04.1USN-7449-1
linux-image-lowlatency-hwe-22.04Ubuntu
Fixed in:6.8.0-58.60.1~22.04.1USN-7449-1
linux-image-nvidiaUbuntu
Fixed in:6.8.0-1026.29USN-7449-1
linux-image-nvidia-6.8Ubuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
linux-image-nvidia-64kUbuntu
Fixed in:6.8.0-1026.29USN-7449-1
linux-image-nvidia-64k-6.8Ubuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
linux-image-nvidia-64k-hwe-22.04Ubuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
linux-image-nvidia-hwe-22.04Ubuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
linux-image-nvidia-lowlatencyUbuntu
Fixed in:6.8.0-1026.29.1USN-7449-1
linux-image-nvidia-lowlatency-64kUbuntu
Fixed in:6.8.0-1026.29.1USN-7449-1
linux-image-oem-22.04Ubuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-oem-22.04aUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-oem-22.04bUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-oem-22.04cUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-oem-22.04dUbuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-image-oem-24.04Ubuntu
Fixed in:6.8.0-1026.26USN-7449-1
linux-image-oem-24.04aUbuntu
Fixed in:6.8.0-1026.26USN-7449-1
linux-image-oem-24.04bUbuntu
Fixed in:6.11.0-1015.15USN-7310-1
linux-image-oracleUbuntu
Fixed in:6.8.0-1024.25~22.04.1USN-7449-1
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-oracle-64kUbuntu
Fixed in:6.8.0-1024.25~22.04.1USN-7449-1
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-oracle-64k-lts-24.04Ubuntu
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-oracle-lts-24.04Ubuntu
Fixed in:6.8.0-1024.25USN-7449-1
linux-image-raspiUbuntu
Fixed in:6.8.0-1028.32USN-7524-1
linux-image-raspi-realtimeUbuntu
Fixed in:6.8.0-2023.24USN-7523-1
linux-image-realtimeUbuntu
Fixed in:6.8.1-1020.21USN-7453-1
linux-image-realtime-hwe-24.04Ubuntu
Fixed in:6.8.1-1020.21USN-7453-1
linux-image-virtualUbuntu
Fixed in:6.8.0-58.60USN-7449-1
linux-image-virtual-hwe-22.04Ubuntu
Fixed in:6.8.0-58.60~22.04.1USN-7449-2
linux-lowlatencyUbuntu
Fixed in:6.8.0-58.60.1USN-7449-1
linux-lowlatency-hwe-6.8Ubuntu
Fixed in:6.8.0-58.60.1~22.04.1USN-7449-1
linux-nvidiaUbuntu
Fixed in:6.8.0-1026.29USN-7449-1
linux-nvidia-6.8Ubuntu
Fixed in:6.8.0-1026.29~22.04.1USN-7449-1
linux-nvidia-lowlatencyUbuntu
Fixed in:6.8.0-1026.29.1USN-7449-1
linux-oem-6.11Ubuntu
Fixed in:6.11.0-1015.15USN-7310-1
linux-oem-6.8Ubuntu
Fixed in:6.8.0-1026.26USN-7449-1
linux-oracleUbuntu
Fixed in:6.8.0-1024.25USN-7449-1
linux-oracle-6.8Ubuntu
Fixed in:6.8.0-1024.25~22.04.1USN-7449-1
linux-raspiUbuntu
Fixed in:6.8.0-1028.32USN-7524-1
linux-raspi-realtimeUbuntu
Fixed in:6.8.0-2023.24USN-7523-1
linux-realtimeUbuntu
Fixed in:6.8.1-1020.21USN-7453-1

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

0.20%probability of exploitation in 30 days
10thpercentile

Low risk: more likely to be exploited than 10% of all known CVEs.

References

Related Vulnerabilities

Other CWE-476 (NULL Pointer Dereference) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-21758High7.592%-Fix
CVE-2023-21547High7.588%-Fix
CVE-2014-3470Medium4.386%-Fix
CVE-2021-44224High8.282%-Fix
CVE-2016-0742High7.582%-Fix
CVE-2009-1386Medium5.080%-Fix
Embed a live status badge for CVE-2024-50104
CVE-2024-50104 severity badge

Markdown

[![CVE-2024-50104](https://tridentstack.com/cve/badge/CVE-2024-50104.svg)](https://tridentstack.com/cve/CVE-2024-50104)

HTML

<a href="https://tridentstack.com/cve/CVE-2024-50104"><img src="https://tridentstack.com/cve/badge/CVE-2024-50104.svg" alt="CVE-2024-50104"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-10-01.