CVE-2025-68281

Linux Kernel - Denial of Service via Mipi-Sdca-Control-Cn-List Parsing

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list "struct sdca_control" declares "values" field as integer array. But the memory allocated to it is of char array. This causes crash for sdca_parse_function API. This patch addresses the issue by allocating correct data size.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/fcd5786b506c51cbabc2560c68e040d8dba22a0d

Patch

https://git.kernel.org/stable/c/eb2d6774cc0d9d6ab8f924825695a85c14b2e0c2

Scores

EPSS 0.0003

EPSS Percentile 9.0%

Details

Status published

Products (7)

linux/Kernel 6.17.0 - 6.17.12linux

Linux/Linux < 6.17

Linux/Linux 50a479527ef01f9b36dde1803a7e81741a222509 - eb2d6774cc0d9d6ab8f924825695a85c14b2e0c2

Linux/Linux 50a479527ef01f9b36dde1803a7e81741a222509 - fcd5786b506c51cbabc2560c68e040d8dba22a0d

Linux/Linux 6.17

Linux/Linux 6.17.12 - 6.17.*

Linux/Linux 6.18

Published Dec 16, 2025

Tracked Since Feb 18, 2026