CVE-2025-38329

CVSS v2.0

7.7

High

Vector

AV:A/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Linux Kernel (affected versions not specified)

Description: The Linux kernel contains a flaw within the cs dsp firmware component. A KUnit test revealed an out-of-bounds (OOB) memory read access due to incorrect string length handling during the allocation of source strings in the cs dsp mock wmfw add info() function.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-770

Related Identifiers

BDU:2025-10741

CVE-2025-38329

ECHO-89B2-BA2A-32EA

RHSA-2025:20095

USN-7833-1

USN-7833-2

USN-7833-3

USN-7833-4

USN-7834-1

USN-7856-1

Affected Products

Astra Linux

Debian

Linux Kernel

Linuxmint

Ubuntu

CVE-2025-38329

Weakness Enumeration

Related Identifiers

Affected Products

References · 209