PT-2025-37210 · Linux+7 · Linux Kernel+7

Published

2025-06-10

·

Updated

2026-05-26

·

CVE-2025-39751

CVSS v2.0

3.5

Low

VectorAV:L/AC:H/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A buffer overflow issue was identified in the add tuning control function within the ALSA subsystem. The sprintf function call could exceed the allocated buffer size of 44 bytes if the input string arguments were excessively long, leading to a potential buffer overflow. This issue was addressed by replacing sprintf with snprintf to limit string lengths and prevent the overflow.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Weakness Enumeration

CWE-120

Related Identifiers

ALSA-2025:18297
ALSA-2025:18298
BDU:2025-16080
CESA-2025_18297
CESA-2025_18298
CVE-2025-39751
DSA-6009-1
ECHO-0C9F-0513-DAE6
INFSA-2025_18297
INFSA-2025_18298
INFSA-2025_19105
OESA-2025-2764
OESA-2025-2765
OESA-2025-2766
OESA-2025-2767
OESA-2025-2769
OPENSUSE-SU-2025:20081-1
RHSA-2025:18297
RHSA-2025:18298
RHSA-2025:19104
RHSA-2025:19105
RHSA-2025:19106
RHSA-2025:19222
RHSA-2025:19223
RHSA-2025:19224
RHSA-2025:21118
RHSA-2025_18297
RHSA-2025_18298
RHSA-2025_19105
SUSE-SU-2025:03600-1
SUSE-SU-2025:03613-1
SUSE-SU-2025:03614-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03626-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:3761-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1

Affected Products

Almalinux
Centos
Debian
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse