CVE-2025-68344

Linux Kernel - Integer Overflow in ALSA Wavefront Sample Size Validation

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: wavefront: Fix integer overflow in sample size validation The wavefront_send_sample() function has an integer overflow issue when validating sample size. The header->size field is u32 but gets cast to int for comparison with dev->freemem Fix by using unsigned comparison to avoid integer overflow.

References (8)

Core 8

Core References

Patch

https://git.kernel.org/stable/c/488bf86d60077f52810c60dbdf7468c277880167

Patch

https://git.kernel.org/stable/c/d2f5d8cf1eadb7b33e476f59aa9c6653e4f2b937

Patch

https://git.kernel.org/stable/c/4f811071e702fbb74933526e2fbadf8c4ed0c0c4

Patch

https://git.kernel.org/stable/c/02b63f3bc29265bd9e83191792d200ed563acacf

Patch

https://git.kernel.org/stable/c/5588b7c86effffa9bb55383a38800649d7b40778

Patch

https://git.kernel.org/stable/c/bca11de0a277b8baeb7d006f93b543c907b6e782

Patch

https://git.kernel.org/stable/c/1823e08f76c68b9e1d26f6d5ef831b96f61a62a0

Patch

https://git.kernel.org/stable/c/0c4a13ba88594fd4a27292853e736c6b4349823d

Scores

EPSS 0.0005

EPSS Percentile 15.3%

Details

Status published

Products (25)

linux/Kernel 2.6.12 - 5.10.248linux

linux/Kernel 5.11.0 - 5.15.198linux

linux/Kernel 5.16.0 - 6.1.160linux

linux/Kernel 6.13.0 - 6.17.13linux

linux/Kernel 6.18.0 - 6.18.2linux

linux/Kernel 6.2.0 - 6.6.120linux

linux/Kernel 6.7.0 - 6.12.63linux

Linux/Linux < 2.6.12

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 02b63f3bc29265bd9e83191792d200ed563acacf

Linux/Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - 0c4a13ba88594fd4a27292853e736c6b4349823d

... and 15 more

Published Dec 24, 2025

Tracked Since Feb 18, 2026