CVE-2025-38330

Published: Jul 10, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache) KASAN reported out of bounds access - cs_dsp_ctl_cache_init_multiple_offsets(). The code uses mock_coeff_template.length_bytes (4 bytes) for register value allocations. But later, this length is set to 8 bytes which causes test code failures. As fix, just remove the lenght override, keeping the original value 4 for all operations.

Vendor	Product	Versions
Linux	Linux	affected `9b33a4fc500cedc1adc9c0ee01e30ffd50e5887a - < e3dafc64b90546eb769f33333afabd9e3e915757` affected `9b33a4fc500cedc1adc9c0ee01e30ffd50e5887a - < f4ba2ea57da51d616b689c4b8826c517ff5a8523`
Linux	Linux	affected `6.14` unaffected `0 - < 6.14` unaffected `6.15.4 - <= 6.15.` unaffected `6.16 - <= `

References

https://git.kernel.org/stable/c/e3dafc64b90546eb769f33333afabd9e3e915757

https://git.kernel.org/stable/c/f4ba2ea57da51d616b689c4b8826c517ff5a8523

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-38330

Description

Affected Products

References