Security Advisory

CVE-2025-68347

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-24 10:32:39
Last updated 2026-05-11 21:51:26
Assigner Linux
State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdep_read() could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header size (8 bytes). Fix by using min_t() to clamp the copy size, This ensures we never copy more than the user requested.