CVE-2025-38307

Published: Jul 10, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Verify content returned by parse_int_array() The first element of the returned array stores its length. If it is 0, any manipulation beyond the element at index 0 ends with null-ptr-deref.

Vendor	Product	Versions
Linux	Linux	affected `5a565ba23abe478f3d4c3b0c8798bcb5215b82f5 - < cc03c899e6d9812b25c3754c9a95c3830c4aec26` affected `5a565ba23abe478f3d4c3b0c8798bcb5215b82f5 - < 18ff538aac63de1866e5a49d57e22788b5c21d12` affected `5a565ba23abe478f3d4c3b0c8798bcb5215b82f5 - < 2916794ffbce604cc2cda105f6b8a4a7c748dd7f` affected `5a565ba23abe478f3d4c3b0c8798bcb5215b82f5 - < 93e246b6769bdacb09cfff4ea0f00fe5ab4f0d7a`
Linux	Linux	affected `6.2` unaffected `0 - < 6.2` unaffected `6.6.94 - <= 6.6.` unaffected `6.12.34 - <= 6.12.` unaffected `6.15.3 - <= 6.15.*` +1 more versions

References

https://git.kernel.org/stable/c/cc03c899e6d9812b25c3754c9a95c3830c4aec26

https://git.kernel.org/stable/c/18ff538aac63de1866e5a49d57e22788b5c21d12

https://git.kernel.org/stable/c/2916794ffbce604cc2cda105f6b8a4a7c748dd7f

https://git.kernel.org/stable/c/93e246b6769bdacb09cfff4ea0f00fe5ab4f0d7a

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-38307

Description

Affected Products

References