CVE-2025-37934

Summary

In the Linux kernel, the following vulnerability has been resolved:

ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction

Actually check if the passed pointers are valid, before writing to them. This also fixes a USBAN warning: UBSAN: invalid-load in ../sound/soc/fsl/imx-card.c:687:25 load of value 255 is not a valid value for type '_Bool'

This is because playback_only is uninitialized and is not written to, as the playback-only property is absent.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux844de7eebe97a1c277f8a408457712086c957195 < b41a49d5435e0f76da320f231b7252800e8f736faffected
LinuxLinux844de7eebe97a1c277f8a408457712086c957195 < 9b5b3088c4d1752253491705919bd7d067964288affected
LinuxLinux844de7eebe97a1c277f8a408457712086c957195 < 3cc393d2232ec770b5f79bf0673d67702a3536c3affected
LinuxLinux6.11affected
LinuxLinux0 < 6.11unaffected
LinuxLinux6.12.28 <= 6.12.*unaffected
LinuxLinux6.14.6 <= 6.14.*unaffected
LinuxLinux6.15 <= *unaffected

Weaknesses

References