Wind River Support Network

Acknowledged

LIN1022-15525 : Security Advisory - linux - CVE-2025-37889

Created: May 13, 2025    Updated: May 14, 2025
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

ASoC: ops: Consistently treat platform_max as control value

This reverts commit 9bdd10d57a88 ("ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min"), and makes some additional related updates.

There are two ways the platform_max could be interpreted; the maximum register value, or the maximum value the control can be set to. The patch moved from treating the value as a control value to a register one. When the patch was applied it was technically correct as snd_soc_limit_volume() also used the register interpretation. However, even then most of the other usages treated platform_max as a control value, and snd_soc_limit_volume() has since been updated to also do so in commit fb9ad24485087 ("ASoC: ops: add correct range check for limiting volume"). That patch however, missed updating snd_soc_put_volsw() back to the control interpretation, and fixing snd_soc_info_volsw_range(). The control interpretation makes more sense as limiting is typically done from the machine driver, so it is appropriate to use the customer facing representation rather than the internal codec representation. Update all the code to consistently use this interpretation of platform_max.

Finally, also add some comments to the soc_mixer_control struct to hopefully avoid further patches switching between the two approaches.
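An added illustration, not code from the kernel or from Wind River: a simplified C model of the two readings of platform_max described above, showing that they agree when min is 0 and diverge in opposite directions when min is negative or positive. The struct, the function names and the sample controls are assumptions constructed for this example.

```c
#include <stdio.h>

/* Simplified model of a mixer control. Field names follow the advisory
 * text; this is not the kernel's struct soc_mixer_control. */
struct ctl {
    int min;          /* lowest register value */
    int max;          /* highest register value */
    int platform_max; /* machine-driver limit; 0 means no limit */
};

/* platform_max read as a control value: the user-facing range is
 * 0..(max - min) and the limit is compared against val directly. */
static int ok_as_control(const struct ctl *c, int val)
{
    if (val < 0 || val > c->max - c->min)
        return 0;
    return !c->platform_max || val <= c->platform_max;
}

/* platform_max read as a register value: the shifted value
 * val + min is compared against the limit instead. */
static int ok_as_register(const struct ctl *c, int val)
{
    if (val < 0 || val > c->max - c->min)
        return 0;
    return !c->platform_max || val + c->min <= c->platform_max;
}

/* Count the control values on which the two readings disagree. */
static int count_disagreements(const struct ctl *c)
{
    int n = 0;
    for (int val = 0; val <= c->max - c->min; val++)
        if (ok_as_control(c, val) != ok_as_register(c, val))
            n++;
    return n;
}

int main(void)
{
    /* Constructed sample controls, not taken from any real codec driver. */
    struct ctl zero_min = { 0, 40, 30 };
    struct ctl neg_min = { -20, 20, 30 };
    struct ctl pos_min = { 10, 50, 30 };
    printf("min=0: %d  min=-20: %d  min=10: %d\n", count_disagreements(&zero_min),
           count_disagreements(&neg_min), count_disagreements(&pos_min));
    return 0;
}
```

With a negative min the register reading lets writes through above the machine driver's limit; with a positive min it rejects values the limit was meant to allow.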
CREATE(Triage):(User=myu2) [CVE-2025-37889 (https://nvd.nist.gov/vuln/detail/CVE-2025-37889)]