CVE-2025-38078

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-38078

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38078.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-38078

Downstream

BELL-CVE-2025-38078

DEBIAN-CVE-2025-38078

DSA-5973-1

ECHO-7a07-2fe2-4ef0

OESA-2025-1727

OESA-2025-1728

OESA-2025-1729

OESA-2025-1730

OESA-2025-1870

SUSE-SU-2025:02249-1

SUSE-SU-2025:02538-1

SUSE-SU-2025:02923-1

UBUNTU-CVE-2025-38078

USN-7704-1

USN-7704-2

USN-7704-3

USN-7704-4

USN-7704-5

USN-7711-1

USN-7712-1

USN-7712-2

USN-7769-1

USN-7769-2

USN-7770-1

Related

Published

2025-06-18T10:15:41Z

Modified

2025-08-12T21:01:38Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: pcm: Fix race of buffer access at PCM OSS layer

The PCM OSS layer tries to clear the buffer with the silence data at initialization (or reconfiguration) of a stream with the explicit call of sndpcmformatsetsilence() with runtime->dmaarea. But this may lead to a UAF because the accessed runtime->dmaarea might be freed concurrently, as it's performed outside the PCM ops.

For avoiding it, move the code into the PCM core and perform it inside the buffer access lock, so that it won't be changed during the operation.

References

Affected packages