Buffer overflow in Linux kernel - CVE-2025-39751
Published: September 16, 2025
Vulnerability identifier: #VU115536
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-39751
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the add_tuning_control() function in sound/pci/hda/patch_ca0132.c. A local user can escalate privileges on the system.
How to mitigate CVE-2025-39751
Install update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/04fa6f5e94034654da3505d9e908dd9090f0e83c
- https://git.kernel.org/stable/c/0de69bc9b3661e16c4b08b34949529553906f5e1
- https://git.kernel.org/stable/c/195e4cec1007c34ddeb0ce61ef14ce9ab312544f
- https://git.kernel.org/stable/c/417407cdf587e3ae41a0e728daa562ee88fc1bd6
- https://git.kernel.org/stable/c/86a024a5a521da362fb67a3a6a84f54331503326
- https://git.kernel.org/stable/c/a409c60111e6bb98fcabab2aeaa069daa9434ca0
- https://git.kernel.org/stable/c/c2dacfe495b72699a9480c95f8eef2285042e474
- https://git.kernel.org/stable/c/cf494138b9d7f78bcb510b9ea5f5faa6e882a7a3
- https://git.kernel.org/stable/c/fb8116c38d67d6e23f3b5e34bbc8d9f8c12e81e5