ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list
CVE-2025-68281

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68281?

In the Linux kernel, the following vulnerability has been resolved:

ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list

"struct sdca_control" declares "values" field as integer array. But the memory allocated to it is of char array. This causes crash for sdca_parse_function API. This patch addresses the issue by allocating correct data size.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 6.17.12 <= 6.17.*

References

https://git.kernel.org/stable/c/fcd5786b506c51cbabc2560c6...
https://git.kernel.org/stable/c/eb2d6774cc0d9d6ab8f924825...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-68281 : Integer Array Memory Allocation Issue in Linux Kernel ASoC: SDCA by Linux Foundation