CVE-2025-39696

Summary

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda: tas2781: Fix wrong reference of tasdevice_priv

During the conversion to unify the calibration data management, the reference to tasdevice_priv was wrongly set to h->hda_priv instead of h->priv. This resulted in memory corruption and crashes eventually. Unfortunately it's a void pointer, hence the compiler couldn't know that it's wrong.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4fe238513407d83f38bf5782e8bcdd7b8baeb85d < 2812815aa79637d39d4398ecd7e58f65d1c79231affected
LinuxLinux4fe238513407d83f38bf5782e8bcdd7b8baeb85d < 3f4422e7c9436abf81a00270be7e4d6d3760ec0eaffected
LinuxLinux6.16affected
LinuxLinux0 < 6.16unaffected
LinuxLinux6.16.4 <= 6.16.*unaffected
LinuxLinux6.17 <= *unaffected

Weaknesses

References