CVE-2025-37891 ALSA: ump: Fix buffer overflow at UMP SysEx message conversion

In the Linux kernel, the following vulnerability has been resolved: ALSA: ump: Fix buffer overflow at UMP SysEx message conversion The conversion function from MIDI 1.0 to UMP packet contains an internal buffer to keep the incoming MIDI bytes, and its size is 4, as it was supposed to be the max...

The vulnerability in the implementation of the MIDI protocol in Linux kernel allows attackers to increase their privileges.

The vulnerability of the Linux operating system’s MIDI kernel implementation relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to increase their privileges...