Fixed

LIN1022-19767 : Security Advisory - linux - CVE-2023-53788

Created: Dec 9, 2025    Updated: Dec 11, 2025
Resolved Date: Dec 10, 2025
Found In Version: 10.22.33.1
Fix Version: 10.22.33.8
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set()

tuning_ctl_set() might have buffer overrun at (X) if it didn't break from loop by matching (A).

    static int tuning_ctl_set(...)
    {
            for (i = 0; i < TUNING_CTLS_COUNT; i++)
    (A)             if (nid == ca0132_tuning_ctls[i].nid)
                            break;

            snd_hda_power_up(...);
    (X)     dspio_set_param(..., ca0132_tuning_ctls[i].mid, ...);
            snd_hda_power_down(...);                ^

            return 1;
    }

We will get below error by cppcheck

    sound/pci/hda/patch_ca0132.c:4229:2: note: After for loop, i has value 12
     for (i = 0; i < TUNING_CTLS_COUNT; i++)
     ^
    sound/pci/hda/patch_ca0132.c:4234:43: note: Array index out of bounds
     dspio_set_param(codec, ca0132_tuning_ctls[i].mid, 0x20,
                                               ^

This patch cares non match case.
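
The pattern described above, reduced to a standalone C sketch (an added example, not the kernel's code or the upstream patch). The table contents and the demo_* names are constructed, and returning -EINVAL on a miss is an assumed way to handle the non-match case.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for the driver's table: names and values are
 * illustrative; only the 12-entry size comes from the cppcheck output. */
#define DEMO_CTLS_COUNT 12

struct demo_ctl { unsigned int nid; int mid; };

static const struct demo_ctl demo_ctls[DEMO_CTLS_COUNT] = {
    {0x10, 100}, {0x11, 101}, {0x12, 102}, {0x13, 103},
    {0x14, 104}, {0x15, 105}, {0x16, 106}, {0x17, 107},
    {0x18, 108}, {0x19, 109}, {0x1a, 110}, {0x1b, 111},
};

/* The search loop from the description: on a miss it finishes with
 * i == DEMO_CTLS_COUNT, one past the last valid index. */
static size_t demo_find(unsigned int nid)
{
    size_t i;

    for (i = 0; i < DEMO_CTLS_COUNT; i++)
        if (nid == demo_ctls[i].nid)
            break;
    return i;
}

/* Checked form: reject the non-match case before indexing the table.
 * Returns 1 and stores the mid on a match, -EINVAL otherwise. */
static int demo_ctl_set(unsigned int nid, int *mid_out)
{
    size_t i = demo_find(nid);

    if (i == DEMO_CTLS_COUNT)
        return -EINVAL;   /* no entry matched: never read demo_ctls[i] */
    *mid_out = demo_ctls[i].mid;
    return 1;
}

int main(void)
{
    int mid = 0;
    printf("hit:  %d\n", demo_ctl_set(0x15, &mid));
    printf("miss: %d\n", demo_ctl_set(0x99, &mid));
    return 0;
}
```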
