Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-68819— media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()

EPSS 0.05% · P16
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-68819

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() rlen value is a user-controlled value, but dtv5100_i2c_msg() does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeof(st->data), an out-of-bounds vuln occurs for st->data. Therefore, we need to add proper range checking to prevent this vuln.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于未对用户控制的rlen值进行边界检查,可能导致越界写入。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux 60688d5e6e6e2ae62f29762d1e3b2aec2dbd3817 ~ c2c293ea7b61f12cdaad1e99a5b4efc58c88960a -
LinuxLinux 2.6.28 -

II. Public POCs for CVE-2025-68819

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-68819

登录查看更多情报信息。

Same Patch Batch · Linux · 2026-01-13 · 93 CVEs total

CVE-2025-710897.8 HIGHiommu: disable SVA when CONFIG_X86 is set
CVE-2025-71069f2fs: invalidate dentry cache on failed whiteout creation
CVE-2025-71068svcrdma: bound check rq_pages index in inline path
CVE-2025-71065f2fs: fix to avoid potential deadlock
CVE-2025-68821fuse: fix readahead reclaim deadlock
CVE-2025-68820ext4: xattr: fix null pointer deref in ext4_raw_inode()
CVE-2025-68818scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"
CVE-2025-68817ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
CVE-2025-68816net/mlx5: fw_tracer, Validate format string parameters
CVE-2025-68823ublk: fix deadlock when reading partition table
CVE-2025-71067ntfs: set dummy blocksize to read boot_block when mounting
CVE-2025-71071iommu/mediatek: fix use-after-free on probe deferral
CVE-2025-71070ublk: clean up user copy references on ublk server exit
CVE-2025-71072shmem: fix recovery on rename failures
CVE-2025-71073Input: lkkbd - disable pending work before freeing device
CVE-2025-71074functionfs: fix the open/removal races
CVE-2025-71075scsi: aic94xx: fix use-after-free in device removal path
CVE-2025-71077tpm: Cap the number of PCR banks
CVE-2025-71076drm/xe/oa: Limit num_syncs to prevent oversized allocations
CVE-2025-71078powerpc/64s/slb: Fix SLB multihit issue during SLB preload

Showing top 20 of 93 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2025-68819

No comments yet

Leave a comment