CVE-2025-39751

Опубликовано: 11 сент. 2025

Источник: redhat

CVSS3: 7

Описание

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control The 'sprintf' call in 'add_tuning_control' may exceed the 44-byte buffer if either string argument is too long. This triggers a compiler warning. Replaced 'sprintf' with 'snprintf' to limit string lengths to prevent overflow.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	kernel	Affected
Red Hat Enterprise Linux 6	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel	Affected
Red Hat Enterprise Linux 7	kernel-rt	Affected
Red Hat Enterprise Linux 8	kernel	Affected
Red Hat Enterprise Linux 8	kernel-rt	Affected
Red Hat Enterprise Linux 9	kernel	Affected
Red Hat Enterprise Linux 9	kernel-rt	Affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-120

https://bugzilla.redhat.com/show_bug.cgi?id=2394624kernel: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control

7 High

CVSS3

Связанные уязвимости

CVE-2025-39751

ubuntu

3 месяца назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2025-39751

nvd

3 месяца назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

CVE-2025-39751

msrc

3 месяца назад

ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control

GHSA-m645-99m8-4hcp

github

3 месяца назад

BDU:2025-16080

CVSS3: 4.5

fstec

6 месяцев назад

Уязвимость функции add_tuning_control компонента sound/pci/hda/patch_ca0132.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

7 High

CVSS3