VYPR
High severity7.8NVD Advisory· Published Sep 4, 2025· Updated May 12, 2026

CVE-2025-38729

CVE-2025-38729

Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-audio: Validate UAC3 power domain descriptors, too

UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by malicious firmware, too.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

123

Patches

Vulnerability mechanics

References

12

News mentions

1