{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T18:53:51.247","vulnerabilities":[{"cve":{"id":"CVE-2025-68783","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-01-13T16:15:58.000","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-mixer: us16x08: validate meter packet indices\n\nget_meter_levels_from_urb() parses the 64-byte meter packets sent by\nthe device and fills the per-channel arrays meter_level[],\ncomp_level[] and master_level[] in struct snd_us16x08_meter_store.\n\nCurrently the function derives the channel index directly from the\nmeter packet (MUB2(meter_urb, s) - 1) and uses it to index those\narrays without validating the range. If the packet contains a\nnegative or out-of-range channel number, the driver may write past\nthe end of these arrays.\n\nIntroduce a local channel variable and validate it before updating the\narrays. We reject negative indices, limit meter_level[] and\ncomp_level[] to SND_US16X08_MAX_CHANNELS, and guard master_level[]\nupdates with ARRAY_SIZE(master_level)."},{"lang":"es","value":"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\n\nALSA: usb-mixer: us16x08: validar los índices de los paquetes de medidor\n\nget_meter_levels_from_urb() analiza los paquetes de medidor de 64 bytes enviados por el dispositivo y rellena los arrays por canal meter_level[], comp_level[] y master_level[] en la estructura snd_us16x08_meter_store.\n\nActualmente, la función deriva el índice del canal directamente del paquete de medidor (MUB2(meter_urb, s) - 1) y lo usa para indexar esos arrays sin validar el rango. Si el paquete contiene un número de canal negativo o fuera de rango, el controlador puede escribir más allá del final de estos arrays.\n\nIntroduce una variable de canal local y valídala antes de actualizar los arrays. Rechazamos los índices negativos, limitamos meter_level[] y comp_level[] a SND_US16X08_MAX_CHANNELS, y protegemos las actualizaciones de master_level[] con ARRAY_SIZE(master_level)."}],"metrics":{},"references":[{"url":"https://git.kernel.org/stable/c/2168866396bd28ec4f3c8da0fbc7d08b5bd4f053","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/2f21a7cbaaa93926f5be15bc095b9c57c35748d9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/53461710a95e15ac1f6542450943a492ecf8e550","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/5526c1c6ba1d0913c7dfcbbd6fe1744ea7c55f1e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/a8ad320efb663be30b794e3dd3e829301c0d0ed3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/cde47f4ccad6751ac36b7471572ddf38ee91870c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/eaa95228b8a56c4880a182c0350d67922b22408f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"}]}}]}