
CVE-2025-38729

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Validate UAC3 power domain descriptors, too

UAC3 power domain descriptors need to be verified with their variable
bLength to avoid unexpected OOB accesses by malicious
firmware, too.

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default status: unaffected

Version                                     Version <                                   Status
9a2fe9b801f585baccf8352d82839dcd54b300cf    1666207ba0a5973735ef010812536adde6174e81    affected
9a2fe9b801f585baccf8352d82839dcd54b300cf    ebc9e06b6ea978a20abf9b87d41afc51b2d745ac    affected
9a2fe9b801f585baccf8352d82839dcd54b300cf    f03418bb9d542f44df78eec2eff4ac83c0a8ac0d    affected
9a2fe9b801f585baccf8352d82839dcd54b300cf    40714daf4d0448e1692c78563faf0ed0f9d9b5c7    affected
9a2fe9b801f585baccf8352d82839dcd54b300cf    07c8d78dbb5e0ff8b23f7fd69cd1d4e2ba22b3dc    affected
9a2fe9b801f585baccf8352d82839dcd54b300cf    cd08d390d15b204cac1d3174f5f149a20c52e61a    affected
9a2fe9b801f585baccf8352d82839dcd54b300cf    29b415ec09f5b9d1dfa2423b826725a8c8796b9a    affected
9a2fe9b801f585baccf8352d82839dcd54b300cf    452ad54f432675982cc0d6eb6c40a6c86ac61dbd    affected
9a2fe9b801f585baccf8352d82839dcd54b300cf    d832ccbc301fbd9e5a1d691bdcf461cdb514595f    affected

Vendor: Linux
Product: Linux
Default status: affected

Version     Range bound    Status
4.17                       affected
0           < 4.17         unaffected
5.4.297     <= 5.4.*       unaffected
5.10.241    <= 5.10.*      unaffected
5.15.190    <= 5.15.*      unaffected
6.1.149     <= 6.1.*       unaffected
6.6.103     <= 6.6.*       unaffected
6.12.43     <= 6.12.*      unaffected
6.15.11     <= 6.15.*      unaffected
6.16.2      <= 6.16.*      unaffected
6.17-rc2    <= *           unaffected

No CISA KEV or CERT.AT warning was found for this CVE.

EPSS Metrics
Type    Source       Score    Percentile
EPSS    FIRST.org    0.05%    0.143

CVSS Metrics
Source    Base Score    Exploit Score    Impact Score    Vector String