CVE-2023-52689: ALSA: scarlett2: Add missing mutex lock around get meter levels
Description
In the Linux kernel, the following vulnerability has been resolved:
ALSA: scarlett2: Add missing mutex lock around get meter levels
As scarlett2_meter_ctl_get() uses meter_level_map[], the data_mutex
should be locked while accessing it.
Classification
CVE ID: CVE-2023-52689
Affected Products
Vendor: Linux
Product: Linux
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 11.44% (scored less or equal to compared to others)
EPSS Date: 2025-02-03 (when was this score calculated)
References
https://git.kernel.org/stable/c/74e3de7cdcc31ce75ab42350ae0946eff62a2da2https://git.kernel.org/stable/c/993f7b42fa066b055e3a19b7f76ad8157c0927a0