-

CVE-2025-68347

EPSS 0.04%
Veröffentlicht 24.12.2025 10:32:39
Zuletzt bearbeitet 11.01.2026 17:15:55
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events

The DSP event handling code in hwdep_read() could write more bytes to
the user buffer than requested, when a user provides a buffer smaller
than the event header size (8 bytes).

Fix by using min_t() to clamp the copy size, This ensures we never copy
more than the user requested.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 16620f0617400746984362c3d6ac547eeae1d35f

Version 634ec0b2906efd46f6f57977e172aa3470aca432

Status affected

Version < ddd32ec66bc4eb6969fe835e4cc1c0706c6348fe

Version 634ec0b2906efd46f6f57977e172aa3470aca432

Status affected

Version < 6275fd726d53a8ec724f20201cf3bd862711e17b

Version 634ec0b2906efd46f6f57977e172aa3470aca432

Status affected

Version < 161291bac551821bba98eb4ea84c82338578d1b0

Version 634ec0b2906efd46f6f57977e172aa3470aca432

Status affected

Version < cdda0d06f8650e33255f79839f188bbece44117c

Version 634ec0b2906efd46f6f57977e172aa3470aca432

Status affected

Version < 210d77cca3d0494ed30a5c628b20c1d95fa04fb1

Version 634ec0b2906efd46f6f57977e172aa3470aca432

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.16

Status affected

Version < 5.16

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.160

Status unaffected

Version <= 6.6.*

Version 6.6.120

Status unaffected

Version <= 6.12.*

Version 6.12.63

Status unaffected

Version <= 6.17.*

Version 6.17.13

Status unaffected

Version <= 6.18.*

Version 6.18.2

Status unaffected

Version <= *

Version 6.19-rc1

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.132

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/6275fd726d53a8ec724f20201cf3bd862711e17b

https://git.kernel.org/stable/c/161291bac551821bba98eb4ea84c82338578d1b0

https://git.kernel.org/stable/c/cdda0d06f8650e33255f79839f188bbece44117c

https://git.kernel.org/stable/c/210d77cca3d0494ed30a5c628b20c1d95fa04fb1

https://git.kernel.org/stable/c/16620f0617400746984362c3d6ac547eeae1d35f

https://git.kernel.org/stable/c/ddd32ec66bc4eb6969fe835e4cc1c0706c6348fe

https://nvd.nist.gov/vuln/detail/CVE-2025-68347

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-68347

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-68347

EUVD