{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-37889", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-04-16T04:51:23.963Z", "datePublished": "2025-05-09T06:45:50.868Z", "dateUpdated": "2025-05-10T14:09:43.898Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-10T14:09:43.898Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["include/sound/soc.h", "sound/soc/soc-ops.c"], "versions": [{"version": "c11fc224e58e7972ffd05b8f25e9b1d6a0b8d562", "lessThan": "c402f184a053c8e7ca325e50f04bbbc1e4fee019", "status": "affected", "versionType": "git"}, {"version": "a50562146d6c7650029a115c96ef9aaa7648c344", "lessThan": "694110bc2407a61f02a770cbb5f39b51e4ec77c6", "status": "affected", "versionType": "git"}, {"version": "395e52b7a1ad01e1b51adb09854a0aa5347428de", "lessThan": "544055329560d4b64fe204fc6be325ebc24c72ca", "status": "affected", "versionType": "git"}, {"version": "fb9ad24485087e0f00d84bee7a5914640b2b9024", "lessThan": "a46a9371f8b9a0eeff53a21e11ed3b65f52d9cf6", "status": "affected", "versionType": "git"}, {"version": "fb9ad24485087e0f00d84bee7a5914640b2b9024", "lessThan": "296c8295ae34045da0214882628d49c1c060dd8a", "status": "affected", "versionType": "git"}, {"version": "fb9ad24485087e0f00d84bee7a5914640b2b9024", "lessThan": "0eba2a7e858907a746ba69cd002eb9eb4dbd7bf3", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["include/sound/soc.h", "sound/soc/soc-ops.c"], "versions": [{"version": "6.7", "status": "affected"}, {"version": "0", "lessThan": "6.7", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.180", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.132", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.84", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.20", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.13.8", "lessThanOrEqual": "6.13.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.14", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.148", "versionEndExcluding": "5.15.180"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.74", "versionEndExcluding": "6.1.132"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.6.7", "versionEndExcluding": "6.6.84"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.12.20"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.13.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.7", "versionEndExcluding": "6.14"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/c402f184a053c8e7ca325e50f04bbbc1e4fee019"}, {"url": "https://git.kernel.org/stable/c/694110bc2407a61f02a770cbb5f39b51e4ec77c6"}, {"url": "https://git.kernel.org/stable/c/544055329560d4b64fe204fc6be325ebc24c72ca"}, {"url": "https://git.kernel.org/stable/c/a46a9371f8b9a0eeff53a21e11ed3b65f52d9cf6"}, {"url": "https://git.kernel.org/stable/c/296c8295ae34045da0214882628d49c1c060dd8a"}, {"url": "https://git.kernel.org/stable/c/0eba2a7e858907a746ba69cd002eb9eb4dbd7bf3"}], "title": "ASoC: ops: Consistently treat platform_max as control value", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Consistently treat platform_max as control value\n\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\n\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\n\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: PCI/MSI: Manejo correcto del indicador NOMASK para todos los backends PCI/MSI. La conversi\u00f3n de la variable global espec\u00edfica de XEN pci_msi_ignore_mask a un indicador de dominio MSI pas\u00f3 por alto los siguientes hechos: 1) Las arquitecturas heredadas no proporcionan un dominio de interrupci\u00f3n. 2) Los dominios MSI principales no necesariamente tienen informaci\u00f3n de dominio adjunta. Ambos casos resultan en una desreferencia de puntero NULL incondicional. Desafortunadamente, esto se pas\u00f3 por alto en la revisi\u00f3n y las pruebas lo revelaron tarde. Solucione esto utilizando el asistente pci_msi_domain_supports() existente, que maneja todos los casos posibles correctamente."}], "id": "CVE-2025-37889", "lastModified": "2025-05-12T17:32:32.760", "metrics": {}, "published": "2025-05-09T07:16:10.307", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0eba2a7e858907a746ba69cd002eb9eb4dbd7bf3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/296c8295ae34045da0214882628d49c1c060dd8a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/544055329560d4b64fe204fc6be325ebc24c72ca"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/694110bc2407a61f02a770cbb5f39b51e4ec77c6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a46a9371f8b9a0eeff53a21e11ed3b65f52d9cf6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c402f184a053c8e7ca325e50f04bbbc1e4fee019"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: ASoC: ops: Consistently treat platform_max as control value", "id": "2365259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365259"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-20", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nASoC: ops: Consistently treat platform_max as control value\nThis reverts commit 9bdd10d57a88 (\"ASoC: ops: Shift tested values in\nsnd_soc_put_volsw() by +min\"), and makes some additional related\nupdates.\nThere are two ways the platform_max could be interpreted; the maximum\nregister value, or the maximum value the control can be set to. The\npatch moved from treating the value as a control value to a register\none. When the patch was applied it was technically correct as\nsnd_soc_limit_volume() also used the register interpretation. However,\neven then most of the other usages treated platform_max as a\ncontrol value, and snd_soc_limit_volume() has since been updated to\nalso do so in commit fb9ad24485087 (\"ASoC: ops: add correct range\ncheck for limiting volume\"). That patch however, missed updating\nsnd_soc_put_volsw() back to the control interpretation, and fixing\nsnd_soc_info_volsw_range(). The control interpretation makes more\nsense as limiting is typically done from the machine driver, so it is\nappropriate to use the customer facing representation rather than the\ninternal codec representation. Update all the code to consistently use\nthis interpretation of platform_max.\nFinally, also add some comments to the soc_mixer_control struct to\nhopefully avoid further patches switching between the two approaches."], "name": "CVE-2025-37889", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-37889\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-37889\nhttps://lore.kernel.org/linux-cve-announce/2025051039-CVE-2025-37889-f248@gregkh/T"], "threat_severity": "Moderate"}