CVE-2025-38330
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38330
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38330.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38330
- Downstream
- Published
- 2025-07-10T08:15:03.579Z
- Modified
- 2025-12-02T14:35:55.354852Z
- Summary
- firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache)
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache)
KASAN reported out of bounds access - csdspctlcacheinitmultipleoffsets(). The code uses mockcoefftemplate.length_bytes (4 bytes) for register value allocations. But later, this length is set to 8 bytes which causes test code failures.
As fix, just remove the lenght override, keeping the original value 4 for all operations.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38330.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/e3dafc64b90546eb769f33333afabd9e3e915757
- https://git.kernel.org/stable/c/f4ba2ea57da51d616b689c4b8826c517ff5a8523
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38330.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-38330