VDB
DEBIAN-CVE-2025-68819
DEBIAN-CVE-2025-68819
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() rlen value is a user-controlled value, but dtv5100_i2c_msg() does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeof(st->data), an out-of-bounds vuln occurs for st->data. Therefore, we need to add proper range checking to prevent this vuln.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | linux | 0, 6.12.43-1~bpo12+1, 6.12.48-1 |
| Debian:13 | linux | 6.12.43-1, 0, 6.12.41-1 |
| Debian:11 | linux-6.1 | 6.1.153-1~deb11u1, 6.1.148-1~deb11u1, 6.1.158-1~deb11u1 |
| Debian:12 | linux | 6.1.128-1, 6.1.129-1, 6.1.133-1 |
| Debian:11 | linux | 5.10.46-4, 5.10.92-2, 5.10.70-1 |
Timeline
- Jan 13, 2026 CVE Published
- Apr 28, 2026 CVE Updated