CVE-2025-68346

UNKNOWN 0.0

ALSA: dice: fix buffer overflow in detect_stream_formats()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detect_stream_formats() The function detect_stream_formats() reads the stream_count value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious device provides a stream_count value greater than MAX_STREAMS. Fix by applying the same validation to both TX and RX stream counts in detect_stream_formats().

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Dec 24, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

58579c056c1c9510ae6695ed8e01ee05bbdcfb23 < d6280a5b00cad37d9a9a875849e5bf7ed2fe4950 58579c056c1c9510ae6695ed8e01ee05bbdcfb23 < 3cf854cec0eb371da47ff5fe56eab189d7fa623a 58579c056c1c9510ae6695ed8e01ee05bbdcfb23 < 4a6ab0f6cc9bdfdfecbf257a46ff4275bd965af4 58579c056c1c9510ae6695ed8e01ee05bbdcfb23 < dea3ed2c16f99f46f97b1a090bf80ecdd6972ce0 58579c056c1c9510ae6695ed8e01ee05bbdcfb23 < c0a1fe1902ad23e6d48e0f68be1258ccf7a163e6 58579c056c1c9510ae6695ed8e01ee05bbdcfb23 < 932aa1e80b022419cf9710e970739b7a8794f27c 58579c056c1c9510ae6695ed8e01ee05bbdcfb23 < 1e1b3207a53e50d5a66289fffc1f7d52cd9c50f9 58579c056c1c9510ae6695ed8e01ee05bbdcfb23 < 324f3e03e8a85931ce0880654e3c3eb38b0f0bba

Linux / Linux

4.18

References

NVD ↗ CVE.org ↗ EPSS Data ↗