logo_clicknbuy.png

CVE-2025-38249 – ALSA USB Audio Out-of-Bounds Read Vulnerability

The following table lists the changes that have been made to the
CVE-2025-38249 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Jul. 09, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved:

    ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()

    In snd_usb_get_audioformat_uac3(), the length value returned from
    snd_usb_ctl_msg() is used directly for memory allocation without
    validation. This length is controlled by the USB device.

    The allocated buffer is cast to a uac3_cluster_header_descriptor
    and its fields are accessed without verifying that the buffer
    is large enough. If the device returns a smaller than expected
    length, this leads to an out-of-bounds read.

    Add a length check to ensure the buffer is large enough for
    uac3_cluster_header_descriptor.
    Added Reference https://git.kernel.org/stable/c/0ee87c2814deb5e42921281116ac3abcb326880b
    Added Reference https://git.kernel.org/stable/c/11e740dc1a2c8590eb7074b5c4ab921bb6224c36
    Added Reference https://git.kernel.org/stable/c/6eb211788e1370af52a245d4d7da35c374c7b401
    Added Reference https://git.kernel.org/stable/c/74fcb3852a2f579151ce80b9ed96cd916ba0d5d8
    Added Reference https://git.kernel.org/stable/c/fb4e2a6e8f28a3c0ad382e363aeb9cd822007b8a
Share the Post:

Related Posts