CVE-2025-37889— Linux kernel 安全漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2025-37889の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
ASoC: ops: Consistently treat platform_max as control value
ソース: NVD (National Vulnerability Database)
脆弱性説明
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Consistently treat platform_max as control value This reverts commit 9bdd10d57a88 ("ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min"), and makes some additional related updates. There are two ways the platform_max could be interpreted; the maximum register value, or the maximum value the control can be set to. The patch moved from treating the value as a control value to a register one. When the patch was applied it was technically correct as snd_soc_limit_volume() also used the register interpretation. However, even then most of the other usages treated platform_max as a control value, and snd_soc_limit_volume() has since been updated to also do so in commit fb9ad24485087 ("ASoC: ops: add correct range check for limiting volume"). That patch however, missed updating snd_soc_put_volsw() back to the control interpretation, and fixing snd_soc_info_volsw_range(). The control interpretation makes more sense as limiting is typically done from the machine driver, so it is appropriate to use the customer facing representation rather than the internal codec representation. Update all the code to consistently use this interpretation of platform_max. Finally, also add some comments to the soc_mixer_control struct to hopefully avoid further patches switching between the two approaches.
ソース: NVD (National Vulnerability Database)
CVSS情報
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
N/A
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Linux kernel 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于未正确处理platform_max控制值,可能导致音量限制错误。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
II. CVE-2025-37889の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2025-37889のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · Linux · 2025-05-09 · 52 CVEs total
| CVE-2025-37873 | eth: bnxt: fix missing ring index trim on error path | |
| CVE-2025-37888 | net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table() | |
| CVE-2025-37887 | pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result | |
| CVE-2025-37882 | usb: xhci: Fix isochronous Ring Underrun/Overrun event handling | |
| CVE-2025-37885 | KVM: x86: Reset IRTE to host control if *new* route isn't postable | |
| CVE-2025-37884 | bpf: Fix deadlock between rcu_tasks_trace and event_mutex. | |
| CVE-2025-37883 | s390/sclp: Add check for get_zeroed_page() | |
| CVE-2025-37886 | pds_core: make wait_context part of q_info | |
| CVE-2025-37875 | igc: fix PTM cycle trigger logic | |
| CVE-2025-37874 | net: ngbe: fix memory leak in ngbe_probe() error path | |
| CVE-2025-37876 | netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS | |
| CVE-2025-37872 | net: txgbe: fix memory leak in txgbe_probe() error path | |
| CVE-2025-37871 | nfsd: decrease sc_count directly if fail to queue dl_recall | |
| CVE-2025-37870 | drm/amd/display: prevent hang on link training fail | |
| CVE-2025-37869 | drm/xe: Use local fence in error path of xe_migrate_clear | |
| CVE-2025-37868 | drm/xe/userptr: fix notifier vs folio deadlock | |
| CVE-2025-37867 | RDMA/core: Silence oversized kvmalloc() warning | |
| CVE-2025-37866 | mlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show() | |
| CVE-2025-37865 | net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported | |
| CVE-2025-37864 | net: dsa: clean up FDB, MDB, VLAN entries on unbind |
Showing 20 of 52 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
同じベンダー: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
V. CVE-2025-37889へのコメント
まだコメントはありません