Buffer Overflow Vulnerability in Linux Kernel ALSA FireWire Driver
CVE-2025-68753

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
5 January 2026

What is CVE-2025-68753?

A buffer overflow vulnerability exists in the ALSA firewire-motu driver within the Linux kernel. This flaw specifically affects the DSP event handling code, where the put_user() loop is responsible for copying event data to a user buffer. If the user buffer is not aligned to 4 bytes, there is a risk of writing beyond the designated buffer boundary, leading to potential data corruption or exploitation. This issue has been mitigated by implementing a bounds check prior to executing the put_user() operation, ensuring that buffer overflows are properly prevented.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 634ec0b2906efd46f6f57977e172aa3470aca432

Linux 634ec0b2906efd46f6f57977e172aa3470aca432 < 6d4f17782ce4facf3197e79707df411ee3d7b30a

Linux 634ec0b2906efd46f6f57977e172aa3470aca432 < 0d71b3c2ed742f1ccb3b0b7a61afb90c0251093f

References

https://git.kernel.org/stable/c/ea2c921d9de6e32ca50cb817b...
https://git.kernel.org/stable/c/6d4f17782ce4facf3197e7970...
https://git.kernel.org/stable/c/0d71b3c2ed742f1ccb3b0b7a6...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.