CVE-2025-68346Out-of-bounds Write in Linux

CWE-787Out-of-bounds Write40 documents8 sources
Severity
7.8HIGHOSV
OSV7.2
No vector
EPSS
0.1%
top 79.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
LinuxLinux KernelDebian Linux+10 more
Timeline
PublishedDec 24
Latest updateApr 17

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detect_stream_formats() The function detect_stream_formats() reads the stream_count value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious device provides a stream_count value greater than MAX_STREAMS. Fix by applying the same validation to both TX and RX stream counts in detect_stream_formats().

Affected Packages15 packages

Linuxlinux/linux_kernel4.18.05.10.248+6
Debianlinux/linux_kernel< 5.10.249-1+3
Ubuntulinux/linux_kernel< 5.15.0-173.183+1

🔴Vulnerability Details

16
OSV
linux-oem-6.17 vulnerabilities2026-04-06
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-raspi vulnerabilities2026-04-01
OSV
linux-azure, linux-azure-6.17 vulnerabilities2026-03-25
OSV
linux-intel-iot-realtime vulnerabilities2026-03-23

📋Vendor Advisories

22
Ubuntu
Linux kernel (FIPS) vulnerabilities2026-04-17
Ubuntu
Linux kernel (Real-time) vulnerabilities2026-04-17
Ubuntu
Linux kernel (NVIDIA) vulnerabilities2026-04-17
Ubuntu
Linux kernel vulnerabilities2026-04-16
Ubuntu
Linux kernel (Azure) vulnerabilities2026-04-13

🕵️Threat Intelligence

1
Wiz
CVE-2025-68346 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-68346 — Out-of-bounds Write in Linux | cvebase