SB20250916277 - Buffer overflow in Linux kernel pci hda
Published: September 16, 2025
Security Bulletin ID
SB20250916277
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Buffer overflow (CVE-ID: CVE-2025-39751)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the add_tuning_control() function in sound/pci/hda/patch_ca0132.c. A local user can escalate privileges on the system.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/04fa6f5e94034654da3505d9e908dd9090f0e83c
- https://git.kernel.org/stable/c/0de69bc9b3661e16c4b08b34949529553906f5e1
- https://git.kernel.org/stable/c/195e4cec1007c34ddeb0ce61ef14ce9ab312544f
- https://git.kernel.org/stable/c/417407cdf587e3ae41a0e728daa562ee88fc1bd6
- https://git.kernel.org/stable/c/86a024a5a521da362fb67a3a6a84f54331503326
- https://git.kernel.org/stable/c/a409c60111e6bb98fcabab2aeaa069daa9434ca0
- https://git.kernel.org/stable/c/c2dacfe495b72699a9480c95f8eef2285042e474
- https://git.kernel.org/stable/c/cf494138b9d7f78bcb510b9ea5f5faa6e882a7a3
- https://git.kernel.org/stable/c/fb8116c38d67d6e23f3b5e34bbc8d9f8c12e81e5