You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
sound open firmware
About this tag
The tag sound open firmware covers discussions about the Sound Open Firmware (SOF) project, particularly in the context of Linux kernel security. A recent thread on WindowsForum.com examines CVE-2024-39473, a NULL-pointer dereference vulnerability in the SOF IPC4 topology code. The thread clarifies Microsoft's attestation that Azure Linux includes the affected open-source library, but notes this is a product-scoped inventory statement rather than a guarantee that no other Microsoft products contain the vulnerable code. This tag is relevant for users tracking Linux kernel vulnerabilities, firmware security, and Microsoft's handling of open-source components in Azure Linux.
A quietly released Linux-kernel fix tracked as CVE-2024-39473 closes a NULL-pointer dereference in the Sound Open Firmware (SOF) IPC4 topology code — but Microsoft’s public attestation that “Azure Linux includes this open‑source library and is therefore potentially affected” should be read as a...