CVE-2025-68347
- Source
- https://cve.org/CVERecord?id=CVE-2025-68347
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-68347.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-68347
- Downstream
- Related
- Published
- 2025-12-24T10:32:39.804Z
- Modified
- 2026-03-20T12:46:23.034915Z
- Summary
- ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events
The DSP event handling code in hwdep_read() could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header size (8 bytes).
Fix by using min_t() to clamp the copy size, This ensures we never copy more than the user requested.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68347.json" }- References
-
- https://git.kernel.org/stable/c/161291bac551821bba98eb4ea84c82338578d1b0
- https://git.kernel.org/stable/c/16620f0617400746984362c3d6ac547eeae1d35f
- https://git.kernel.org/stable/c/210d77cca3d0494ed30a5c628b20c1d95fa04fb1
- https://git.kernel.org/stable/c/6275fd726d53a8ec724f20201cf3bd862711e17b
- https://git.kernel.org/stable/c/cdda0d06f8650e33255f79839f188bbece44117c
- https://git.kernel.org/stable/c/ddd32ec66bc4eb6969fe835e4cc1c0706c6348fe
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68347.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-68347
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced634ec0b2906efd46f6f57977e172aa3470aca432Fixed16620f0617400746984362c3d6ac547eeae1d35fFixedddd32ec66bc4eb6969fe835e4cc1c0706c6348feFixed6275fd726d53a8ec724f20201cf3bd862711e17bFixed161291bac551821bba98eb4ea84c82338578d1b0Fixedcdda0d06f8650e33255f79839f188bbece44117cFixed210d77cca3d0494ed30a5c628b20c1d95fa04fb1