Buffer Overflow Vulnerability in Linux Kernel Affects ALSA USB Audio
CVE-2025-39757

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
11 September 2025

What is CVE-2025-39757?

A vulnerability in the Linux kernel's ALSA USB audio driver can allow for unchecked buffer sizes in UAC3 class segment descriptors. Failure to validate the sizes can lead to out-of-bounds (OOB) accesses when malicious firmware is introduced. This poses a potential risk for system stability and security, emphasizing the need for verification of descriptor lengths before allocation to prevent exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 11785ef53228d23ec386f5fe4a34601536f0c891 < 799c06ad4c9c790c265e8b6b94947213f1fb389c

Linux 11785ef53228d23ec386f5fe4a34601536f0c891 < 786571b10b1ae6d90e1242848ce78ee7e1d493c4

Linux 11785ef53228d23ec386f5fe4a34601536f0c891 < 275e37532e8ebe25e8a4069b2d9f955bfd202a46

References

https://git.kernel.org/stable/c/799c06ad4c9c790c265e8b6b9...
https://git.kernel.org/stable/c/786571b10b1ae6d90e1242848...
https://git.kernel.org/stable/c/275e37532e8ebe25e8a4069b2...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.