kernel: ALSA: 6fire: fix use-after-free on disconnect

A flaw was found in the Linux kernel's ALSA 6fire USB audio device driver. During the disconnection process of a 6fire USB audio device, a use-after-free vulnerability occurs. This happens when the system attempts to write to memory that has already been deallocated, which can lead to memory...

SUSE CVE-2026-31581

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: fix use-after-free on disconnect In usb6firechipabort, the chip struct is allocated as the card's private data via sndcardnew with sizeofstruct sfirechip. When sndcardfreewhenclosed is called and no file handles are...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-53239)

ALSA: 6fire: The current 6fire code tries to release the resources right after the call of usb6firechipabort. But at this moment, the card object might be still in use as we're calling sndcardfreewhenclosed and cause potential UAFs. This plugin only works with Tenable.ot. Please visit...

EUVD-2024-51911

Malicious code in bioql PyPI...

CVE-2024-53239

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6firechipabort. But at this moment, the card object might be still in use as we're calling...

SUSE CVE-2024-53239

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6firechipabort. But at this moment, the card object might be still in use as we're calling...

CVE-2024-53239

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6firechipabort. But at this moment, the card object might be still in use as we're calling...

CVE-2024-53239 ALSA: 6fire: Release resources at card release

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6firechipabort. But at this moment, the card object might be still in use as we're calling...

CVE-2024-53239

CVE-2024-53239 relates to the Linux kernel ALSA 6fire driver. The vulnerability arises when resources are released immediately after usb6fire_chip_abort(), while the card object may still be in use (the code calls snd_card_free_when_closed()). This can lead to a use-after-free scenario. The docum...

CVE-2024-53239 ALSA: 6fire: Release resources at card release

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6firechipabort. But at this moment, the card object might be still in use as we're calling...

CVE-2024-53239

In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code tries to release the resources right after the call of usb6firechipabort. But at this moment, the card object might be still in use as we're calling...

Terratec DMX 6Fire 安全漏洞

Terratec DMX 6Fire is a professional audio interface and sound card product from Terratec, Inc. targeted at professional applications such as music production, audio recording, mixing and audio editing. A security vulnerability exists in Terratec DMX 6Fire version 1.23.0.02, which stems from the...