Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-39935— ASoC: codec: sma1307: Fix memory corruption in sma1307_setting_loaded()

EPSS 0.02% · P7
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-39935

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
ASoC: codec: sma1307: Fix memory corruption in sma1307_setting_loaded()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ASoC: codec: sma1307: Fix memory corruption in sma1307_setting_loaded() The sma1307->set.header_size is how many integers are in the header (there are 8 of them) but instead of allocating space of 8 integers we allocate 8 bytes. This leads to memory corruption when we copy data it on the next line: memcpy(sma1307->set.header, data, sma1307->set.header_size * sizeof(int)); Also since we're immediately copying over the memory in ->set.header, there is no need to zero it in the allocator. Use devm_kmalloc_array() to allocate the memory instead.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于sma1307_setting_loaded函数中内存分配不当,可能导致内存损坏。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 576c57e6b4c1d734bcb7cc33dde9a99a9383b520 ~ cd59ca8f75dbb42a67fcae975c766114644e36c4 -
LinuxLinux 6.13 -

II. Public POCs for CVE-2025-39935

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-39935

登录查看更多情报信息。

Same Patch Batch · Linux · 2025-10-04 · 144 CVEs total

CVE-2025-399469.8 CRITICALtls: make sure to abort the stream if headers are bogus
CVE-2022-50491coresight: cti: Fix hang in cti_disable_hw()
CVE-2023-53581net/mlx5e: Check for NOT_READY flag state after locking
CVE-2023-53580USB: Gadget: core: Help prevent panic during UVC unconfigure
CVE-2022-50507fs/ntfs3: Validate data run offset
CVE-2022-50508wifi: mt76: mt76x0: fix oob access in mt76x0_phy_get_target_power
CVE-2022-50506drbd: only clone bio if we have a backing device
CVE-2022-50504powerpc/rtas: avoid scheduling in rtas_os_term()
CVE-2022-50505iommu/amd: Fix pci device refcount leak in ppr_notifier()
CVE-2022-50503mtd: lpddr2_nvm: Fix possible null-ptr-deref
CVE-2022-50501media: coda: Add check for dcoda_iram_alloc
CVE-2022-50500netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed
CVE-2022-50499media: dvb-core: Fix double free in dvb_register_device()
CVE-2022-50497binfmt_misc: fix shift-out-of-bounds in check_special_flags
CVE-2022-50498eth: alx: take rtnl_lock on resume
CVE-2022-50496dm cache: Fix UAF in destroy()
CVE-2022-50494thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash
CVE-2022-50493scsi: qla2xxx: Fix crash when I/O abort times out
CVE-2022-50492drm/msm: fix use-after-free on probe deferral
CVE-2023-53572clk: imx: scu: use _safe list iterator to avoid a use after free

Showing top 20 of 144 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2025-39935

No comments yet

Leave a comment