CVE-2023-52987
Published: 27 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2023-52987 is an array underflow vulnerability in the Linux kernel's ASoC SOF ipc4-mtrace component, specifically within the sof_ipc4_priority_mask_dfs_write() function. The issue arises because the "id" parameter, sourced from user input, is treated as a signed integer, enabling an underflow condition. This flaw, classified under CWE-129 (Improper Validation of Array Index), has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-03-27.
The attack vector is local and requires only low privileges, with low attack complexity and no user interaction. Successful exploitation has high impact on confidentiality (unauthorized access to sensitive data), integrity (modification of system resources), and availability (denial of service or system disruption), potentially leading to kernel-level compromise.
Mitigation involves applying the relevant Linux kernel patches, as detailed in the commit references: d52f34784e4e2f6e77671a9f104d8a69a3b5d24c and ea57680af47587397f5005d7758022441ed66d54. These patches resolve the underflow by changing the "id" type to unsigned, preventing the invalid array access. Security practitioners should update affected kernel versions accordingly.
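The following user-space sketch is an added example, not the kernel's code or the referenced patches. It shows why an upper-bound-only check on a signed index accepts negative values and why making the index unsigned closes the gap. The names `MAX_SLOTS`, `parse_pair`, `validate_signed` and `store_unsigned`, and the `"<id>,<hex mask>"` input format, are assumptions made for illustration.

```c
#include <stdio.h>

#define MAX_SLOTS 16 /* hypothetical table size, not a kernel constant */

enum { REJECTED = 0, ACCEPTED = 1 };

/* Parse a constructed "<id>,<hex mask>" request string. */
static int parse_pair(const char *buf, int *id, unsigned int *mask)
{
    return sscanf(buf, "%d,%x", id, mask) == 2;
}

/* Flawed pattern: signed index with an upper-bound check only.
 * -1 is less than MAX_SLOTS, so it passes. The write is left out
 * here; a caller using table[id] would touch memory before the array. */
static int validate_signed(const char *buf)
{
    int id;
    unsigned int mask;

    if (!parse_pair(buf, &id, &mask))
        return REJECTED;
    if (id >= MAX_SLOTS)
        return REJECTED;
    return ACCEPTED;
}

/* Hardened pattern: the index is unsigned, so -1 converts to UINT_MAX
 * and the same single comparison rejects it before the array is used. */
static int store_unsigned(unsigned int *table, const char *buf)
{
    int parsed;
    unsigned int id, mask;

    if (!parse_pair(buf, &parsed, &mask))
        return REJECTED;
    id = (unsigned int)parsed;
    if (id >= MAX_SLOTS)
        return REJECTED;
    table[id] = mask;
    return ACCEPTED;
}

int main(void)
{
    unsigned int table[MAX_SLOTS] = {0};

    printf("signed check, id=-1:   %d\n", validate_signed("-1,0xff"));
    printf("unsigned check, id=-1: %d\n", store_unsigned(table, "-1,0xff"));
    printf("unsigned check, id=3:  %d\n", store_unsigned(table, "3,0xff"));
    return 0;
}
```

When auditing similar handlers, look for array indexes parsed from user input into a signed type and guarded only by a `>=` comparison against the array size.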
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local kernel array underflow (CWE-129) in a debugfs write handler allows low-privileged user input to trigger invalid memory access, directly enabling privilege escalation to kernel-level compromise with high C/I/A impact.