CVE-2025-68783

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 13/01/2026
Last modified: 19/01/2026

Description

In the Linux kernel, the following vulnerability has been resolved:

ALSA: usb-mixer: us16x08: validate meter packet indices

get_meter_levels_from_urb() parses the 64-byte meter packets sent by the device and fills the per-channel arrays meter_level[], comp_level[] and master_level[] in struct snd_us16x08_meter_store.

Currently the function derives the channel index directly from the meter packet (MUB2(meter_urb, s) - 1) and uses it to index those arrays without validating the range. If the packet contains a negative or out-of-range channel number, the driver may write past the end of these arrays.

Introduce a local channel variable and validate it before updating the arrays. We reject negative indices, limit meter_level[] and comp_level[] to SND_US16X08_MAX_CHANNELS, and guard master_level[] updates with ARRAY_SIZE(master_level).
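The validation pattern the description names, as an added user-space example (not the kernel driver's code): a device-supplied 1-based channel number is checked against each destination array before any write. The 4-byte record layout, the value 16 for the channel limit, and the names `parse_meter_packet` and `parse_constructed_sample` are assumptions made for this example.

```c
#include <stdint.h>
#include <string.h>

#define PKT_LEN      64  /* packet size given in the description */
#define MAX_CHANNELS 16  /* assumed array size for this example */
#define REC_LEN      4   /* hypothetical record: kind, channel, level lo, level hi */
#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

enum { REC_EMPTY, REC_METER, REC_COMP, REC_MASTER };
struct meter_store {
    uint16_t meter_level[MAX_CHANNELS];
    uint16_t comp_level[MAX_CHANNELS];
    uint16_t master_level[2];
};

/* Fill st from one packet. Returns the number of records dropped, or -1 on bad length. */
int parse_meter_packet(struct meter_store *st, const uint8_t *pkt, size_t len)
{
    int dropped = 0;
    if (len != PKT_LEN)
        return -1;
    for (size_t s = 0; s + REC_LEN <= len; s += REC_LEN) {
        int channel = (int)pkt[s + 1] - 1;  /* 1-based on the wire; 0 becomes -1 */
        uint16_t level = (uint16_t)(pkt[s + 2] | (pkt[s + 3] << 8));
        if (pkt[s] == REC_EMPTY)
            continue;
        if (pkt[s] == REC_METER && channel >= 0 && channel < MAX_CHANNELS)
            st->meter_level[channel] = level;
        else if (pkt[s] == REC_COMP && channel >= 0 && channel < MAX_CHANNELS)
            st->comp_level[channel] = level;
        else if (pkt[s] == REC_MASTER && channel >= 0 &&
                 (size_t)channel < ARRAY_SIZE(st->master_level))
            st->master_level[channel] = level;
        else
            dropped++;  /* unknown kind or index outside the target array */
    }
    return dropped;
}

/* Constructed sample: three valid records, then meter 0, comp 17 and master 3. */
int parse_constructed_sample(struct meter_store *st)
{
    uint8_t pkt[PKT_LEN] = {
        REC_METER, 1, 0x34, 0x12,  REC_COMP, 16, 7, 0,        REC_MASTER, 2, 9, 0,
        REC_METER, 0, 0xff, 0xff,  REC_COMP, 17, 0xff, 0xff,  REC_MASTER, 3, 0xff, 0xff,
    };
    memset(st, 0, sizeof(*st));
    return parse_meter_packet(st, pkt, sizeof(pkt));
}
```

In this struct layout an unchecked `comp_level[16]` write would land on `master_level[0]`, so the sample's comp record for channel 17 shows why each array needs its own bound.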

Impact