
Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
A NULL pointer dereference vulnerability was discovered in the Linux kernel's ASoC (ALSA System on Chip) Qualcomm SDM845 sound driver. The issue arose during the migration of Soundwire runtime stream allocation from the Qualcomm Soundwire controller to SoC's soundcard drivers, where the sdm845 soundcard was overlooked. The vulnerability affects Linux kernel versions from 6.8 up to (excluding) 6.11.6, and various release candidates of version 6.12 (NVD).
The vulnerability occurs when wsa881x_hw_params() is called with stream = NULL and passes it further to sdw_stream_add_slave() without proper checks. This results in a NULL pointer dereference when attempting to access the master_list member in struct sdw_stream_runtime at offset 32. The issue manifests during any playback attempt or audio daemon startup on affected systems, particularly on the sdm845-db845c (Qualcomm RB3 board). The vulnerability has been assigned a CVSS v3.1 base score of 5.5 MEDIUM (Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) (NVD, Kernel Patch).
When exploited, this vulnerability results in a kernel NULL pointer dereference, leading to a system crash (denial of service). This affects systems using the Qualcomm SDM845 sound driver, particularly those with audio playback functionality (NVD).
The vulnerability has been fixed by adding required calls to qcom_snd_sdw_startup() and sdw_release_stream() to startup and shutdown routines. This restores the correct behavior when ->set_stream() method is called to set a valid stream runtime pointer on playback startup. Users should update to Linux kernel version 6.11.6 or later, or apply the available patch (Kernel Patch).
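The startup, hw_params and shutdown ordering described above can be modelled in user space. This is an added example, not code from the kernel or the patch: every struct and function name in it is hypothetical, the field layout is an assumption chosen so that master_list lands at offset 32 on a 64-bit build, and the NULL guard is a defensive addition in the model rather than part of the actual fix.

```c
#include <errno.h>
#include <stddef.h>
#include <stdlib.h>

/* Constructed user-space model; field layout is an assumption chosen so that
 * master_list sits at offset 32 on LP64, the offset the advisory reports. */
struct list_head { struct list_head *next, *prev; };
struct stream_runtime {
    const char *name;
    unsigned int rate, ch_count, bps;
    int state, type;
    struct list_head master_list;
};
struct dai { struct stream_runtime *stream; }; /* filled by a set_stream-style hook */

size_t master_list_offset(void) { return offsetof(struct stream_runtime, master_list); }

/* Startup: the fixed driver allocates the stream here; the affected one did not. */
static int card_startup(struct dai *d, int fixed)
{
    if (!fixed)
        return 0;
    d->stream = calloc(1, sizeof(*d->stream));
    if (!d->stream)
        return -ENOMEM;
    d->stream->master_list.next = d->stream->master_list.prev = &d->stream->master_list;
    return 0;
}

/* hw_params path: the NULL guard is a defensive addition in this model only;
 * without it the list access below faults at address 0 + 32. */
static int stream_add_slave(struct stream_runtime *s)
{
    if (!s)
        return -EINVAL;
    /* An empty list is expected on the first add after startup. */
    return s->master_list.next == &s->master_list ? 0 : -EBUSY;
}

/* Shutdown: release what startup allocated. */
static void card_shutdown(struct dai *d) { free(d->stream); d->stream = NULL; }

int playback_cycle(int fixed)
{
    struct dai d = { NULL };
    int ret = card_startup(&d, fixed);
    if (ret == 0)
        ret = stream_add_slave(d.stream);
    card_shutdown(&d);
    return ret;
}
```

With fixed set to 0 the model returns an error at the point where the affected kernel dereferenced NULL; with fixed set to 1 the stream exists before hw_params runs and is released on shutdown.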
Source: This report was generated using AI