4 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-39765
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally...
SUSE CVE-2025-39765
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally use idafree to free the unallocated id 0. the syzkaller reported the...
DEBIAN-CVE-2025-39765
In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: fix idafree call while not allocated In the sndutimercreate function, if the kasprintf function return NULL, sndutimerputid will be called, finally use idafree to free the unallocated id 0. the syzkaller reported the...
CVE-2025-39765
CVE-2025-39765 affects Linux kernel ALSA timer handling. The issue is in snd_utimer_create() where, if kasprintf() returns NULL, snd_utimer_put_id() frees an ID that was never allocated, leading to ida_free() being called on id=0. The root cause is that utimer->id is not guaranteed to be valid...