{"id":"CVE-2023-53607","summary":"ALSA: ymfpci: Fix BUG_ON in probe function","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ymfpci: Fix BUG_ON in probe function\n\nThe snd_dma_buffer.bytes field now contains the aligned size, which this\nsnd_BUG_ON() did not account for, resulting in the following:\n\n[    9.625915] ------------[ cut here ]------------\n[    9.633440] WARNING: CPU: 0 PID: 126 at sound/pci/ymfpci/ymfpci_main.c:2168 snd_ymfpci_create+0x681/0x698 [snd_ymfpci]\n[    9.648926] Modules linked in: snd_ymfpci(+) snd_intel_dspcfg kvm(+) snd_intel_sdw_acpi snd_ac97_codec snd_mpu401_uart snd_opl3_lib irqbypass snd_hda_codec gameport snd_rawmidi crct10dif_pclmul crc32_pclmul cfg80211 snd_hda_core polyval_clmulni polyval_generic gf128mul snd_seq_device ghash_clmulni_intel snd_hwdep ac97_bus sha512_ssse3 rfkill snd_pcm aesni_intel tg3 snd_timer crypto_simd snd mxm_wmi libphy cryptd k10temp fam15h_power pcspkr soundcore sp5100_tco wmi acpi_cpufreq mac_hid dm_multipath sg loop fuse dm_mod bpf_preload ip_tables x_tables ext4 crc32c_generic crc16 mbcache jbd2 sr_mod cdrom ata_generic pata_acpi firewire_ohci crc32c_intel firewire_core xhci_pci crc_itu_t pata_via xhci_pci_renesas floppy\n[    9.711849] CPU: 0 PID: 126 Comm: kworker/0:2 Not tainted 6.1.21-1-lts #1 08d2e5ece03136efa7c6aeea9a9c40916b1bd8da\n[    9.722200] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./990FX Extreme4, BIOS P2.70 06/05/2014\n[    9.732204] Workqueue: events work_for_cpu_fn\n[    9.736580] RIP: 0010:snd_ymfpci_create+0x681/0x698 [snd_ymfpci]\n[    9.742594] Code: 8c c0 4c 89 e2 48 89 df 48 c7 c6 92 c6 8c c0 e8 15 d0 e9 ff 48 83 c4 08 44 89 e8 5b 5d 41 5c 41 5d 41 5e 41 5f e9 d3 7a 33 e3 \u003c0f\u003e 0b e9 cb fd ff ff 41 bd fb ff ff ff eb db 41 bd f4 ff ff ff eb\n[    9.761358] RSP: 0018:ffffab64804e7da0 EFLAGS: 00010287\n[    9.766594] RAX: ffff8fa2df06c400 RBX: ffff8fa3073a8000 RCX: ffff8fa303fbc4a8\n[    9.773734] RDX: ffff8fa2df06d000 RSI: 0000000000000010 RDI: 0000000000000020\n[    9.780876] RBP: ffff8fa300b5d0d0 R08: ffff8fa3073a8e50 R09: 00000000df06bf00\n[    9.788018] R10: ffff8fa2df06bf00 R11: 00000000df068200 R12: ffff8fa3073a8918\n[    9.795159] R13: 0000000000000000 R14: 0000000000000080 R15: ffff8fa2df068200\n[    9.802317] FS:  0000000000000000(0000) GS:ffff8fa9fec00000(0000) knlGS:0000000000000000\n[    9.810414] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[    9.816158] CR2: 000055febaf66500 CR3: 0000000101a2e000 CR4: 00000000000406f0\n[    9.823301] Call Trace:\n[    9.825747]  \u003cTASK\u003e\n[    9.827889]  snd_card_ymfpci_probe+0x194/0x950 [snd_ymfpci b78a5fe64b5663a6390a909c67808567e3e73615]\n[    9.837030]  ? finish_task_switch.isra.0+0x90/0x2d0\n[    9.841918]  local_pci_probe+0x45/0x80\n[    9.845680]  work_for_cpu_fn+0x1a/0x30\n[    9.849431]  process_one_work+0x1c7/0x380\n[    9.853464]  worker_thread+0x1af/0x390\n[    9.857225]  ? rescuer_thread+0x3b0/0x3b0\n[    9.861254]  kthread+0xde/0x110\n[    9.864414]  ? kthread_complete_and_exit+0x20/0x20\n[    9.869210]  ret_from_fork+0x22/0x30\n[    9.872792]  \u003c/TASK\u003e\n[    9.874985] ---[ end trace 0000000000000000 ]---","modified":"2026-04-02T09:44:36.328190Z","published":"2025-10-04T15:44:16.598Z","related":["SUSE-SU-2025:4111-1","SUSE-SU-2025:4139-1","SUSE-SU-2025:4149-1","SUSE-SU-2025:4320-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53607.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/32b9bd7cfc2e2d92d595386add4e111b232b351f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6be2e7522eb529b41c16d459f33bbdbcddbf5c15"},{"type":"WEB","url":"https://git.kernel.org/stable/c/81d2a7e93c8322ca6b858f6736d7fc3d034e6c23"},{"type":"WEB","url":"https://git.kernel.org/stable/c/96e34c88000febc83e41aa7db0b0a41676314818"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d0217b09910c081b6471181345ea5b24025edf51"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53607.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53607"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"4faf4bbc2d600a921052ff45b1b5914d583d9046"},{"fixed":"96e34c88000febc83e41aa7db0b0a41676314818"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"5c1733e33c888a3cb7f576564d8ad543d5ad4a9e"},{"fixed":"81d2a7e93c8322ca6b858f6736d7fc3d034e6c23"},{"fixed":"32b9bd7cfc2e2d92d595386add4e111b232b351f"},{"fixed":"d0217b09910c081b6471181345ea5b24025edf51"},{"fixed":"6be2e7522eb529b41c16d459f33bbdbcddbf5c15"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"f52ac912c14c5bf426c0f9e0c6236dbcdf61664e"},{"last_affected":"19241a56c5d6e74b32b1fbb1bd3ba7edef421f16"},{"last_affected":"05243cf88f7fa5e9dd5659399bc9307ff3fb675f"},{"last_affected":"015af30d373d33548c9afcffbbaaf266459731de"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53607.json"}}],"schema_version":"1.7.5"}