CVE-2025-71286
Published: May 6, 2026
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol->ipc_control_data for bytes controls is: [1] sizeof(struct sof_ipc4_control_data) + // kernel only struct [2] sizeof(struct sof_abi_hdr)) + payload The max_size specifies the size of [2] and it is coming from topology. Change the function to take this into account and allocate adequate amount of memory behind scontrol->ipc_control_data. With the change we will allocate [1] amount more memory to be able to hold the full size of data.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected a382082ff74b036944cbc5b6ad29b65f633acd3a - < 59fe643f21b9d59bcbedb0dfbf988ee455c23736affected a382082ff74b036944cbc5b6ad29b65f633acd3a - < 491956b45b5f4933632ea6d8a8bdfdf045ab81e1affected a382082ff74b036944cbc5b6ad29b65f633acd3a - < a704a1a4394b5877b9adc31b2c3165ad0b541896affected a382082ff74b036944cbc5b6ad29b65f633acd3a - < 1237cd9ff198cb882402572f29569e5247190974affected a382082ff74b036944cbc5b6ad29b65f633acd3a - < a653820700b81c9e6f05ac23b7969ecec1a18e85 |
Linux | Linux | affected 6.4unaffected 0 - < 6.4unaffected 6.6.128 - <= 6.6.*unaffected 6.12.75 - <= 6.12.*unaffected 6.18.16 - <= 6.18.*+2 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now