Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdep_read() could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header size (8 bytes). Fix by using min_t() to clamp the copy size, This ensures we never copy more than the user requested.

INFO

Published Date :

2025-12-24T10:32:39.804Z

Last Modified :

2026-02-09T08:31:36.281Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-68347 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-68347.

URL Resource
https://git.kernel.org/stable/c/161291bac551821bba98eb4ea84c82338578d1b0 cve-icon cve-icon
https://git.kernel.org/stable/c/16620f0617400746984362c3d6ac547eeae1d35f cve-icon cve-icon
https://git.kernel.org/stable/c/210d77cca3d0494ed30a5c628b20c1d95fa04fb1 cve-icon cve-icon
https://git.kernel.org/stable/c/6275fd726d53a8ec724f20201cf3bd862711e17b cve-icon cve-icon
https://git.kernel.org/stable/c/cdda0d06f8650e33255f79839f188bbece44117c cve-icon cve-icon
https://git.kernel.org/stable/c/ddd32ec66bc4eb6969fe835e4cc1c0706c6348fe cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025122453-CVE-2025-68347-74dd@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-68347 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-68347 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact