Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol->ipc_control_data for bytes controls is: [1] sizeof(struct sof_ipc4_control_data) + // kernel only struct [2] sizeof(struct sof_abi_hdr)) + payload The max_size specifies the size of [2] and it is coming from topology. Change the function to take this into account and allocate adequate amount of memory behind scontrol->ipc_control_data. With the change we will allocate [1] amount more memory to be able to hold the full size of data.

INFO

Published Date :

2026-05-06T11:32:19.468Z

Last Modified :

2026-05-06T11:32:19.468Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-71286 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-71286.

URL Resource
https://git.kernel.org/stable/c/1237cd9ff198cb882402572f29569e5247190974 cve-icon cve-icon
https://git.kernel.org/stable/c/491956b45b5f4933632ea6d8a8bdfdf045ab81e1 cve-icon cve-icon
https://git.kernel.org/stable/c/59fe643f21b9d59bcbedb0dfbf988ee455c23736 cve-icon cve-icon
https://git.kernel.org/stable/c/a653820700b81c9e6f05ac23b7969ecec1a18e85 cve-icon cve-icon
https://git.kernel.org/stable/c/a704a1a4394b5877b9adc31b2c3165ad0b541896 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026050630-CVE-2025-71286-9591@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-71286 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-71286 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact