CVE-2025-39757
Description
In the Linux kernel, the following vulnerability has been resolved:
ALSA: usb-audio: Validate UAC3 cluster segment descriptors
UAC3 class segment descriptors need to be verified as to whether their sizes match the declared lengths and whether they also fit within the allocated buffer sizes. Otherwise malicious firmware may lead to unexpected OOB accesses.
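As an added illustration, not the kernel's own code and not the patch referenced by this CVE, the following standalone C routine performs the two checks the commit message names: the cluster's declared length is checked against the allocated buffer, and each segment's length is checked against the space remaining in the cluster before it is trusted. The descriptor field layout (16-bit little-endian length fields, fixed header sizes) is simplified and assumed for the example, and the sample byte arrays are constructed.

```c
#include <stdint.h>
#include <stddef.h>

/* Simplified UAC3 cluster layout, assumed for this example:
 *   header : wLength(2) bDescriptorType(1) bDescriptorSubtype(1) bNrChannels(1)
 *   segment: wLength(2) bSegmentType(1) payload(wLength - 3)            */
#define CLUSTER_HDR_LEN 5
#define SEGMENT_HDR_LEN 3

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Walk the segments of a cluster descriptor held in buf[0..buf_len).
 * Returns the number of well-formed segments, or -1 on any inconsistency. */
int validate_cluster(const uint8_t *buf, size_t buf_len)
{
    if (buf_len < CLUSTER_HDR_LEN)
        return -1;
    size_t declared = le16(buf);
    /* Declared total length must cover the header and fit the allocated buffer. */
    if (declared < CLUSTER_HDR_LEN || declared > buf_len)
        return -1;

    size_t off = CLUSTER_HDR_LEN;
    int count = 0;
    while (off < declared) {
        /* Need room for a full segment header before reading its wLength. */
        if (declared - off < SEGMENT_HDR_LEN)
            return -1;
        size_t seg_len = le16(buf + off);
        /* A segment must at least hold its header (no zero-length loops)
         * and must not run past the end of the cluster. */
        if (seg_len < SEGMENT_HDR_LEN || seg_len > declared - off)
            return -1;
        off += seg_len;
        count++;
    }
    return count;
}

/* Constructed sample inputs, not captured from a real device. */
static const uint8_t good_cluster[] = {
    0x0d, 0x00, 0x2c, 0x01, 0x01,   /* header, wLength = 13       */
    0x05, 0x00, 0x01, 0xaa, 0xbb,   /* segment 1, wLength = 5     */
    0x03, 0x00, 0x02 };             /* segment 2, wLength = 3     */
/* Segment claims 32 bytes while only 8 remain in the cluster. */
static const uint8_t bad_overrun[] = {
    0x0d, 0x00, 0x2c, 0x01, 0x01, 0x20, 0x00, 0x01, 0, 0, 0, 0, 0 };
/* Zero-length segment: would never advance the offset. */
static const uint8_t bad_zero[] = {
    0x08, 0x00, 0x2c, 0x01, 0x01, 0x00, 0x00, 0x01 };
```

Passing a buffer shorter than the cluster's declared wLength (for example `validate_cluster(good_cluster, 10)`) is rejected by the first check, which is the allocated-buffer-size condition the commit message describes.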
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In the Linux kernel, missing validation of UAC3 cluster segment descriptors in the ALSA USB-audio driver could allow malicious firmware to cause out-of-bounds access.
Vulnerability
Description
The ALSA USB-audio driver in the Linux kernel fails to validate UAC3 cluster segment descriptors. Specifically, it does not verify that the declared length of these descriptors matches the actual size nor that they fit within the allocated buffer. This flaw can be exploited by a malicious USB audio device providing crafted descriptors [1][2].
Exploitation
An attacker with physical access or the ability to connect a USB device can exploit this vulnerability by supplying a malformed UAC3 cluster segment descriptor. No authentication is required; the vulnerability is triggered upon device enumeration [1].
Impact
Successful exploitation can lead to out-of-bounds memory reads or writes, potentially causing a system crash, information disclosure, or privilege escalation in the kernel context [1][2].
Mitigation
The Linux kernel has been patched in stable releases. Users should update to the latest kernel version. Siemens advisory SSA-032379 also lists affected products (e.g., SIMATIC CN 4100) and recommends upgrading to V5.0 [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Linux / Linux (CVE v5 record), Range: 4.19
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- git.kernel.org/stable/c/1034719fdefd26caeec0a44a868bb5a412c2c1a5 (NVD: Patch)
- git.kernel.org/stable/c/275e37532e8ebe25e8a4069b2d9f955bfd202a46 (NVD: Patch)
- git.kernel.org/stable/c/47ab3d820cb0a502bd0074f83bb3cf7ab5d79902 (NVD: Patch)
- git.kernel.org/stable/c/786571b10b1ae6d90e1242848ce78ee7e1d493c4 (NVD: Patch)
- git.kernel.org/stable/c/799c06ad4c9c790c265e8b6b94947213f1fb389c (NVD: Patch)
- git.kernel.org/stable/c/7ef3fd250f84494fb2f7871f357808edaa1fc6ce (NVD: Patch)
- git.kernel.org/stable/c/ae17b3b5e753efc239421d186cd1ff06e5ac296e (NVD: Patch)
- git.kernel.org/stable/c/dfdcbcde5c20df878178245d4449feada7d5b201 (NVD: Patch)
- git.kernel.org/stable/c/ecfd41166b72b67d3bdeb88d224ff445f6163869 (NVD: Patch)
- lists.debian.org/debian-lts-announce/2025/10/msg00007.html (NVD: Mailing List, Third Party Advisory)
- lists.debian.org/debian-lts-announce/2025/10/msg00008.html (NVD: Mailing List, Third Party Advisory)
- cert-portal.siemens.com/productcert/html/ssa-032379.html (NVD)
News mentions
- Siemens SIMATIC (CISA ICS Advisories)