CVE-2025-71286

The size of the data behind of scontrol->ipccontroldata for bytes controls is: [1] sizeof(struct sofipc4controldata) + // kernel only struct [2] sizeof(struct sofabi_hdr)) + payload

The max_size specifies the size of [2] and it is coming from topology.

Change the function to take this into account and allocate adequate amount of memory behind scontrol->ipccontroldata.

With the change we will allocate [1] amount more memory to be able to hold the full size of data.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71286.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

a382082ff74b036944cbc5b6ad29b65f633acd3a

Fixed

59fe643f21b9d59bcbedb0dfbf988ee455c23736

Fixed

491956b45b5f4933632ea6d8a8bdfdf045ab81e1

Fixed

a704a1a4394b5877b9adc31b2c3165ad0b541896

Fixed

1237cd9ff198cb882402572f29569e5247190974

Fixed

a653820700b81c9e6f05ac23b7969ecec1a18e85

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71286.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

6.4.0

Fixed

6.6.128

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.75

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.16

Type: ECOSYSTEM
Events: Introduced

6.19.0

Fixed

6.19.6

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71286.json"