kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 cluster segment descriptors UAC3 class segment descriptors need to be verified whether their sizes match with the declared lengths and whether they fit with the allocated buffer sizes, too. Otherwis...

CVE-2025-39757

CVE-2025-39757 is a Linux kernel/ALSA USB-audio issue where UAC3 cluster segment descriptors were not validated for sizes against declared lengths or allocated buffers, enabling potential out-of-bounds (OOB) access. Connected advisories (Astra Linux and kernel security bulletins) confirm the vuln...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the occurrence of operations outside the buffer in memory, allows attackers to trigger a service failure.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

The vulnerabilities of Adobe Reader and Adobe Reader Document Cloud, as well as Adobe Acrobat and Adobe Acrobat Document Cloud, allow a perpetrator to trigger service interruptions or execute arbitrary codes.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Adobe Reader Document Cloud, as well as PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, are due to an operation that goes beyond the buffer boundaries in memory. Exploiting these vulnerabilities can allo...