{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-39757", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T07:20:57.125Z", "datePublished": "2025-09-11T16:52:26.900Z", "dateUpdated": "2025-09-11T16:52:26.900Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-11T16:52:26.900Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Validate UAC3 cluster segment descriptors\n\nUAC3 class segment descriptors need to be verified whether their sizes\nmatch with the declared lengths and whether they fit with the\nallocated buffer sizes, too. Otherwise malicious firmware may lead to\nthe unexpected OOB accesses."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/usb/stream.c"], "versions": [{"version": "11785ef53228d23ec386f5fe4a34601536f0c891", "lessThan": "799c06ad4c9c790c265e8b6b94947213f1fb389c", "status": "affected", "versionType": "git"}, {"version": "11785ef53228d23ec386f5fe4a34601536f0c891", "lessThan": "786571b10b1ae6d90e1242848ce78ee7e1d493c4", "status": "affected", "versionType": "git"}, {"version": "11785ef53228d23ec386f5fe4a34601536f0c891", "lessThan": "275e37532e8ebe25e8a4069b2d9f955bfd202a46", "status": "affected", "versionType": "git"}, {"version": "11785ef53228d23ec386f5fe4a34601536f0c891", "lessThan": "47ab3d820cb0a502bd0074f83bb3cf7ab5d79902", "status": "affected", "versionType": "git"}, {"version": "11785ef53228d23ec386f5fe4a34601536f0c891", "lessThan": "1034719fdefd26caeec0a44a868bb5a412c2c1a5", "status": "affected", "versionType": "git"}, {"version": "11785ef53228d23ec386f5fe4a34601536f0c891", "lessThan": "ae17b3b5e753efc239421d186cd1ff06e5ac296e", "status": "affected", "versionType": "git"}, {"version": "11785ef53228d23ec386f5fe4a34601536f0c891", "lessThan": "dfdcbcde5c20df878178245d4449feada7d5b201", "status": "affected", "versionType": "git"}, {"version": "11785ef53228d23ec386f5fe4a34601536f0c891", "lessThan": "7ef3fd250f84494fb2f7871f357808edaa1fc6ce", "status": "affected", "versionType": "git"}, {"version": "11785ef53228d23ec386f5fe4a34601536f0c891", "lessThan": "ecfd41166b72b67d3bdeb88d224ff445f6163869", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["sound/usb/stream.c"], "versions": [{"version": "4.19", "status": "affected"}, {"version": "0", "lessThan": "4.19", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.297", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.241", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.190", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.149", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.103", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.43", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.15.11", "lessThanOrEqual": "6.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.16.2", "lessThanOrEqual": "6.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.17-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "5.4.297"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "5.10.241"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "5.15.190"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.1.149"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.6.103"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.12.43"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.15.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.16.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19", "versionEndExcluding": "6.17-rc2"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/799c06ad4c9c790c265e8b6b94947213f1fb389c"}, {"url": "https://git.kernel.org/stable/c/786571b10b1ae6d90e1242848ce78ee7e1d493c4"}, {"url": "https://git.kernel.org/stable/c/275e37532e8ebe25e8a4069b2d9f955bfd202a46"}, {"url": "https://git.kernel.org/stable/c/47ab3d820cb0a502bd0074f83bb3cf7ab5d79902"}, {"url": "https://git.kernel.org/stable/c/1034719fdefd26caeec0a44a868bb5a412c2c1a5"}, {"url": "https://git.kernel.org/stable/c/ae17b3b5e753efc239421d186cd1ff06e5ac296e"}, {"url": "https://git.kernel.org/stable/c/dfdcbcde5c20df878178245d4449feada7d5b201"}, {"url": "https://git.kernel.org/stable/c/7ef3fd250f84494fb2f7871f357808edaa1fc6ce"}, {"url": "https://git.kernel.org/stable/c/ecfd41166b72b67d3bdeb88d224ff445f6163869"}], "title": "ALSA: usb-audio: Validate UAC3 cluster segment descriptors", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Validate UAC3 cluster segment descriptors\n\nUAC3 class segment descriptors need to be verified whether their sizes\nmatch with the declared lengths and whether they fit with the\nallocated buffer sizes, too. Otherwise malicious firmware may lead to\nthe unexpected OOB accesses."}], "id": "CVE-2025-39757", "lastModified": "2025-09-15T15:22:38.297", "metrics": {}, "published": "2025-09-11T17:15:39.503", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1034719fdefd26caeec0a44a868bb5a412c2c1a5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/275e37532e8ebe25e8a4069b2d9f955bfd202a46"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/47ab3d820cb0a502bd0074f83bb3cf7ab5d79902"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/786571b10b1ae6d90e1242848ce78ee7e1d493c4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/799c06ad4c9c790c265e8b6b94947213f1fb389c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7ef3fd250f84494fb2f7871f357808edaa1fc6ce"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ae17b3b5e753efc239421d186cd1ff06e5ac296e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/dfdcbcde5c20df878178245d4449feada7d5b201"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ecfd41166b72b67d3bdeb88d224ff445f6163869"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors", "id": "2394615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394615"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2025-39757", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-09-11T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-39757\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-39757\nhttps://lore.kernel.org/linux-cve-announce/2025091144-CVE-2025-39757-e212@gregkh/T"], "threat_severity": "Important"}