Security Advisory

CVE-2025-38729

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-04 15:33:26

Last updated 2026-05-12 12:05:58

Assigner Linux

State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by malicious firmware, too.

← Browse all CVEs View on cve.org ↗