CVE-2025-38329

Summary

In the Linux kernel, the following vulnerability has been resolved:

firmware: cs_dsp: Fix OOB memory read access in KUnit test (wmfw info)

KASAN reported out of bounds access - cs_dsp_mock_wmfw_add_info(), because the source string length was rounded up to the allocation size.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux5cf1b7b471803f7cc654a29ee16cb085ad69c097 < 0000a2303ba78b6424ff15b5085b5f5098750a2eaffected
LinuxLinux5cf1b7b471803f7cc654a29ee16cb085ad69c097 < d979b783d61f7f1f95664031b71a33afc74627b2affected
LinuxLinux6.14affected
LinuxLinux0 < 6.14unaffected
LinuxLinux6.15.4 <= 6.15.*unaffected
LinuxLinux6.16 <= *unaffected

Weaknesses

References